TEMP1.EXE – Trojan Magania


TEMP1.EXE – Trojan Magania removal

File       MD5                               Virus Alias
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan Magania
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan SuspiciousFile
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan Eldorado
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan Downloader
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan Siggen
TEMP1.EXE  b82e75376afdb3e0bb092f4fca53e4b9  Trojan Agent

TEMP1.EXE size: 137216 bytes
TEMP1.EXE hash: B82E75376AFDB3E0BB092F4FCA53E4B9

Created files:

C:\2777100.dll
C:\windows\system32\dllcache\ws2help.dll
C:\windows\system32\drivers\420a0a1f.sys
C:\windows\system32\drivers\xpV3001.sys
C:\windows\system32\ws2helpXP.dll
C:\windows\system32\wshtcpip.dll
C:\windows\Tasks\TespayServer.exe
C:\windows\temp\svohcst.exe
C:\windows\temp\temp1.exe
C:\windows\temp\temp2.exe
C:\windows\temp\temp3.exe
C:\windows\temp\temp4.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Download: C:\windows\temp\svohcst.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\Tasks\TespayServer.exe

Detected by UnHackMe:

TEMP1.EXE
Default location: %TEMP%\TEMP1.EXE

Dropper information:
MD5: ca33e1826f8d03ed2c11fba563ca3bbb
File size: 4207 bytes
