OCEANSETUP.EXE – Trojan Artemis

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

OCEANSETUP.EXE – Trojan Artemis removal

FileMD5Virus Alias
OCEANSETUP.EXE 43f069149dc060d0671babbc9a31cf1d Trojan Artemis
OCEANSETUP.EXE 43f069149dc060d0671babbc9a31cf1d Trojan Qhost
OCEANSETUP.EXE 43f069149dc060d0671babbc9a31cf1d Trojan MulDrop4
OCEANSETUP.EXE 43f069149dc060d0671babbc9a31cf1d Trojan Agent

OCEANSETUP.EXE size: 916118 bytes
OCEANSETUP.EXE hash: 43F069149DC060D0671BABBC9A31CF1D

Created files:

%Program Files%\Fileocean\COMDLG32.OCX
%Program Files%\Fileocean\fileoceandn.exe
%Program Files%\Fileocean\oceanfiledn.exe
%Program Files%\Fileocean\Uninstall.exe
%WinDir%\oceansetup.exe
%SysDir%\INETKO.DLL

Autostart registry keys:

HKLM\Software\Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Fileocean\COMDLG32.OCX
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FileOcean: %Program Files%\Fileocean\fileoceandn.exe

Detected by UnHackMe:

OCEANSETUP.EXE
Default location: %WinDir%\OCEANSETUP.EXE

Dropper information:
MD5: 2fa566169346a4edaa57e81fa7e7c9b6
File size: 950152 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images