Trojan Agent – dK4kgvCr.bat – 6ec5ba5c55972a1bc44475583c743a75

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Agent
Also known as: Trojan Generic.KD, Trojan Jbox
SHA256: 8c8cf0d7dbda10dd2f9d0e602f17d7b5dae53326a39e8b1715130dfeed8086ed
SHA1: 742afcede283b8fbc8248e9cfd537964209dda0a
MD5: 6ec5ba5c55972a1bc44475583c743a75
File size: 1030328 bytes

Created files:

%SysDir%\config\systemprofile\Application Data\dK4kgvCr.bat – Trojan Agent
%SysDir%\config\systemprofile\Application Data\driver.inf – Trojan Agent
%SysDir%\config\systemprofile\Application Data\msstart.exe – Trojan Agent
%SysDir%\config\systemprofile\Application Data\Plug.bat – Trojan Agent

Trojan Agent created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Mshost Manager: %WinDir%\System32\config\Systemprofile\Application Data\msstart.exe
HKLM\System\CurrentControlSet\Services\Mshost Manager\Type: 10010000
HKLM\System\CurrentControlSet\Services\Mshost Manager\Start: 02000000
HKLM\System\CurrentControlSet\Services\Mshost Manager\DisplayName: Mshost Manager
HKLM\System\CurrentControlSet\Services\Mshost Manager\ImagePath: %SystemRoot%\System32\config\Systemprofile\Application Data\Plug.bat

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images