PIPI_OSC_SILENT_437.EXE – Trojan Crypt

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

PIPI_OSC_SILENT_437.EXE – Trojan Crypt removal

FileMD5Virus Alias
PIPI_OSC_SILENT_437.EXE b4a70fd5a790a3c4e8d414f6440ec813 Trojan Crypt
PIPI_OSC_SILENT_437.EXE b4a70fd5a790a3c4e8d414f6440ec813 Trojan SuspiciousFile
PIPI_OSC_SILENT_437.EXE b4a70fd5a790a3c4e8d414f6440ec813 Trojan Agent

PIPI_OSC_SILENT_437.EXE size: 5452713 bytes
PIPI_OSC_SILENT_437.EXE hash: B4A70FD5A790A3C4E8D414F6440EC813

Created files:

%Program Files%\Heiio\Kire\Ceobt.dll
%Program Files%\Heiio\Loqpa.exe
%Program Files%\Heiio\Yiddf.exe
%TEMP%\g813\pipi_osc_silent_437.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ALXO\Start: 02000000
HKLM\System\CurrentControlSet\Services\ALXO\Type: 10000000
HKLM\System\CurrentControlSet\Services\ALXO\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\ALXO\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\ALXO\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ALXO\Group: TDI
HKLM\System\CurrentControlSet\Services\ALXO\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\ALXO\ImagePath: %Program Files%\Heiio\Loqpa.exe

Detected by UnHackMe:

PIPI_OSC_SILENT_437.EXE
Default location: %TEMP%\G813\PIPI_OSC_SILENT_437.EXE

Dropper information:
MD5: 14e1b105921c58391a6b42a9bf79c8ca
File size: 7419677 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images