MEDIO.EXE – Trojan Kazy


MEDIO.EXE – Trojan Kazy removal

File | MD5 | Virus Alias
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan Kazy
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan Win32-Spy
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan SuspiciousFile
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Trojan DNAScan
MEDIO.EXE | b89cd22d7393de28da8a5cb4073c72c0 | Backdoor Poison

MEDIO.EXE size: 574090 bytes
MEDIO.EXE hash: B89CD22D7393DE28DA8A5CB4073C72C0

Created files:

%WinDir%\install\chrome.exe
%TEMP%\IXP000.TMP\citadel.exe
%TEMP%\IXP000.TMP\medio.exe
%TEMP%\UuU.uUu
%TEMP%\XxX.xXx

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{GYHTFHI8-H5ED-2PS4-7KJI-7Q2678X0553X}\StubPath: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C0069006E007300740061006C006C005C006300680072006F006D0065002E006500780065000000

Detected by UnHackMe:

MEDIO.EXE
Default location: %TEMP%\IXP000.TMP\MEDIO.EXE

Dropper information:
MD5: 43b2857880e5bd9200d002b02db4a20d
File size: 1269248 bytes
