Trojan Agent – run.bat – e4a033304aa9ea13c2058e41f1b5f00c

Alex NightWatcher

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Agent
Also known as: Trojan Zbot
SHA256: 595cae4db2072ff3a109a20a579b65f3a3e8bafadea673d55661cac1cb7022e2
SHA1: 7b0d10195995904f3d221528b373efecfdf66cb7
MD5: e4a033304aa9ea13c2058e41f1b5f00c
File size: 1102340 bytes

Created files:

C:\Windows\temp\spoolsv\run.bat – Trojan Agent
C:\Windows\temp\spoolsv\spoolsv.exe – Trojan Agent

Trojan Agent created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\spoolsv: “C:\Windows\temp\spoolsv\spoolsv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\Application: “C:\Windows\temp\spoolsv\spoolsv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\AppDirectory: “C:\Windows\temp\spoolsv\spoolsv.exe”

Leave a Reply Cancel reply

You must be logged in to post a comment.