Trojan Banload – Autorun.inf – 0b2a79bff87a995c7f91483696970c96

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Banload
Also known as: Trojan Banker, Trojan Crypt
SHA256: 3909e7b6e94779fb3dce00b862ef72d71fbe353ca760be247a80ce41bbc6b00a
SHA1: 794d158bb4ff0acba4a9257288cf4312365fc07a
MD5: 0b2a79bff87a995c7f91483696970c96
File size: 239422 bytes

Created files:

C:\Autorun.inf – Trojan Banload
C:\Mr_CoolFace.scr – Trojan Banload
%WinDir%\Negeri Serumpun Sebalai .pif .bat .com .scr .exe – Trojan Banload
%SysDir%\wnkieq.exe – Trojan Banload
%AppData%\Autorun.inf – Trojan Banload
%AppData%\explorer.exe – Trojan Banload
%AppData%\Mr_CoolFace.exe – Trojan Banload
%AppData%\Mutant.exe – Trojan Banload
%AppData%\Sahang.exe – Trojan Banload
%AppData%\SMA Negeri 1 Pangkalpinang.exe – Trojan Banload
%AppData%\Timah.exe – Trojan Banload
%Desktop%\Message For My Princess.scr – Trojan Banload
%Local AppData%\Polymorph1.exe – Trojan Banload
%Local AppData%\Polymorph2.exe – Trojan Banload
%UserProfile%\Local Settings\DNALSI_AKGNAB.exe – Trojan Banload

Trojan Banload created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\fydovg: wnkieq.exefydovgluwvbwvywm|vartnhq
HKCU\Control Panel\Desktop\SCRNSAVE.EXE: MR_COO~1.SCR

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images