SMTPSEND.EXE – Trojan SuspiciousFile

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SMTPSEND.EXE – Trojan SuspiciousFile removal

FileMD5Virus Alias
SMTPSEND.EXE bce8d8a686ca547f100ef11568eefd6e Trojan SuspiciousFile

SMTPSEND.EXE size: 80904 bytes
SMTPSEND.EXE hash: BCE8D8A686CA547F100EF11568EEFD6E

Created files:

%WinDir%\Temp\CREADLL.dll
%WinDir%\Temp\dnslib.dll
%WinDir%\Temp\Download.exe
%WinDir%\Temp\encdec.dll
%WinDir%\Temp\escanipc.exe
%WinDir%\Temp\escanmon9.exe
%WinDir%\Temp\eScanwin.exe
%WinDir%\Temp\eslogon.dll
%WinDir%\Temp\esupd.exe
%WinDir%\Temp\farbuffer.ppl
%WinDir%\Temp\faristream.ppl
%WinDir%\Temp\FSSync.dll
%WinDir%\Temp\Getvlist.exe
%WinDir%\Temp\ichk2.ppl
%WinDir%\Temp\ikave.dll
%WinDir%\Temp\instscan.exe
%WinDir%\Temp\Inst_TSP.EXE
%WinDir%\Temp\inst_tspx.exe
%WinDir%\Temp\kave.dll
%WinDir%\Temp\KILLPROC.exe
%WinDir%\Temp\LAUNCH.exe
%WinDir%\Temp\License9.exe
%WinDir%\Temp\lickey.dll
%WinDir%\Temp\mailadm.exe
%WinDir%\Temp\MAILDISP.exe
%WinDir%\Temp\MAILREMV.exe
%WinDir%\Temp\MAILSCAN.exe
%WinDir%\Temp\mdb.ppl
%WinDir%\Temp\mexe.com
%WinDir%\Temp\MonInter.dll
%WinDir%\Temp\msvclnt.dll
%WinDir%\Temp\msvl64.dll
%WinDir%\Temp\MWAGENT.exe
%WinDir%\Temp\MWASer.exe
%WinDir%\Temp\mwnsp.dll
%WinDir%\Temp\mwnsp64.dll
%WinDir%\Temp\mwtsp.dll
%WinDir%\Temp\mwtsp64.dll
%WinDir%\Temp\prLoader.dll
%WinDir%\Temp\reload.exe
%WinDir%\Temp\rp.exe
%WinDir%\Temp\RunFile.exe
%WinDir%\Temp\sc.exe
%WinDir%\Temp\scan.dll
%WinDir%\Temp\ScanningProcess.exe
%WinDir%\Temp\SCANREMV.exe
%WinDir%\Temp\setpriv.exe
%WinDir%\Temp\smtpsend.exe
%WinDir%\Temp\spooler.exe
%WinDir%\Temp\test2.exe
%WinDir%\Temp\Traycser.exe
%WinDir%\Temp\TRAYESER.exe
%WinDir%\Temp\TrayicoC.exe
%WinDir%\Temp\Trayicos.exe

Detected by UnHackMe:

SMTPSEND.EXE
Default location: %TEMP%\SMTPSEND.EXE

Dropper information:
MD5: 6881bde35ce918c21e7f39cf8f1c696c
File size: 16807084 bytes

Leave a Reply