Trojan Agent – appface.dll – a857c2222207f13dea168f43697c91c3

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Agent
Also known as: Trojan CI, Trojan Downloader.Generic
SHA256: 8e288bf65908a020815ad5e6cbfa9c2d4fc76b3ef6ddf96c250902dfb8d73dfc
SHA1: 0700b68f9aab837875b32978d1368f535f27802f
MD5: a857c2222207f13dea168f43697c91c3
File size: 775203 bytes

Created files:

%SysDir%\appface.dll – Trojan Agent
%SysDir%\newex.ocx – Trojan Agent
%SysDir%\wskinlog.dll – Trojan Agent
%Temp%\wkhjiami45.exe – Trojan Agent

Trojan Agent created autostart registry keys:

HKLM\Software\Classes\CLSID\{05B9F8C7-05D2-11D1-A081-444553540000}\InprocServer32 : %WinDir%\System32\newex.ocx
HKLM\Software\Classes\CLSID\{05B9F8C7-05D2-11D1-A081-444553540000}\InprocServer32\ThreadingModel: Apartment
HKLM\Software\Classes\CLSID\{05B9F8C8-05D2-11D1-A081-444553540000}\InprocServer32 : %WinDir%\System32\newex.ocx
HKLM\Software\Classes\CLSID\{05B9F8CB-05D2-11D1-A081-444553540000}\InprocServer32 : %WinDir%\System32\newex.ocx
HKLM\Software\Classes\CLSID\{05B9F8CB-05D2-11D1-A081-444553540000}\InprocServer32\ThreadingModel: Apartment
HKLM\Software\Classes\CLSID\{05B9F8CC-05D2-11D1-A081-444553540000}\InprocServer32 : %WinDir%\System32\newex.ocx
HKLM\Software\Classes\CLSID\{FAF949C4-1DAF-11D3-A0F9-00409505ECD6}\InprocServer32 : %WinDir%\System32\newex.ocx
HKLM\Software\Classes\CLSID\{FAF949C4-1DAF-11D3-A0F9-00409505ECD6}\InprocServer32\ThreadingModel: Apartment
HKLM\Software\Classes\CLSID\{FAF949C5-1DAF-11D3-A0F9-00409505ECD6}\InprocServer32 : %WinDir%\System32\newex.ocx

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images