Trojan Banker – bpk.exe – 0089ea1a0abceb5ad4d6f87606af8cf0

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Banker
Also known as: Trojan CI, Trojan Generic
SHA256: 0300d4729c1da09b08a0c0ac6dc89c84012592dc32c19f68144125f2c45065e6
SHA1: 91a606ac1fcd497ec3b0dd111bd3f7a367252dd2
MD5: 0089ea1a0abceb5ad4d6f87606af8cf0
File size: 598016 bytes

Created files:

%WinDir%\TEMP\bpk.exe – Trojan Banker
%WinDir%\TEMP\bpkhk.dll – Trojan Banker
%WinDir%\TEMP\bpkr.exe – Trojan Banker
%WinDir%\TEMP\bpkwb.dll – Trojan Banker
%Temp%\RarSFX0\bpk.exe – Trojan Banker
%Temp%\RarSFX0\bpkhk.dll – Trojan Banker
%Temp%\RarSFX0\bpkwb.dll – Trojan Banker
%Temp%\RarSFX0\rinst.exe – Trojan Banker
%Temp%\RarSFX0\rundll32.exe – Trojan Banker
%Temp%\recover.exe – Trojan Banker
%Temp%\rundll32.exe – Trojan Banker

Trojan Banker created autostart registry keys:

HKLM\Software\Classes\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32 : %WinDir%\TEMP\bpkwb.dll
HKLM\Software\Classes\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32\ThreadingModel: Apartment

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images