OXK2ZF52I44B.EXE – Trojan Agent


OXK2ZF52I44B.EXE – Trojan Agent removal

File              MD5                               Virus Alias
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan Agent
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan SuspiciousFile
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan Generic
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan Genome
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan Eldorado
OXK2ZF52I44B.EXE  1d83db28a6c9c8dd866d66369844b697  Trojan Downloader

OXK2ZF52I44B.EXE size: 73728 bytes
OXK2ZF52I44B.EXE hash: 1D83DB28A6C9C8DD866D66369844B697

Created files:

%Program Files%\PH9YA.exe
%Program Files%\QX73WN8\E12ADJZ0.exe
%WinDir%\OXK2ZF52I44B.exe
D:\cert\VBoxCertUtil.exe
D:\VBoxWindowsAdditions-x86.exe
D:\VBoxWindowsAdditions.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\PLW4L\Type: 10010000
HKLM\System\CurrentControlSet\Services\PLW4L\Start: 02000000
HKLM\System\CurrentControlSet\Services\PLW4L\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\PLW4L\DisplayName: PLW4L
HKLM\System\CurrentControlSet\Services\PLW4L\ImagePath: %WinDir%\OXK2ZF52I44B.exe -4I9T8W63KYX1

Detected by UnHackMe:

OXK2ZF52I44B.EXE
Default location: %WinDir%\OXK2ZF52I44B.EXE

Dropper information:
MD5: 1d83db28a6c9c8dd866d66369844b697
File size: 73728 bytes
