TEMP1.EXE – Trojan OnLineGames

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

TEMP1.EXE – Trojan OnLineGames removal

FileMD5Virus Alias
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Trojan OnLineGames
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Trojan DLOADER
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Trojan Artemis
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Trojan Generic
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Trojan CI
TEMP1.EXE c3186450200a5fd46a7c7947412380cc Worm Palevo

TEMP1.EXE size: 102400 bytes
TEMP1.EXE hash: C3186450200A5FD46A7C7947412380CC

Created files:

C:\175000.dll
C:\windows\svchost.exe
C:\windows\system32\drivers\ahnurla.sys
C:\windows\system32\RpcSvc.psd
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ahnurla\Type: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\Start: 02000000
HKLM\System\CurrentControlSet\Services\ahnurla\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\DisplayName: ahnurla
HKLM\System\CurrentControlSet\Services\ahnurla\ImagePath: %WinDir%\System32\drivers\ahnurla.sys
HKLM\System\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip\DLLPath: 43003A005C003100370035003000300030002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\RpcSvc\Type: 10010000
HKLM\System\CurrentControlSet\Services\RpcSvc\Start: 02000000
HKLM\System\CurrentControlSet\Services\RpcSvc\DisplayName: Remote Procedure Call (RPC) Service
HKLM\System\CurrentControlSet\Services\RpcSvc\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc

Detected by UnHackMe:

TEMP1.EXE
Default location: %TEMP%\TEMP1.EXE

Dropper information:
MD5: cf3c356161faef259e7510950c9587a1
File size: 247304 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images