Trojan Delf – 41Hidden-Sabotage Port Test Edici.exe – 0a6deb1b3730bffe6546a7afc3b1cf1e

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Delf
Also known as: Trojan FakeAV, Trojan Agent
SHA256: 6d64e3fc5b30c297c20e177c86552995d5a73a4308483f4fa6ecd32efb9142ea
SHA1: dd482c466eb7ba7d89b73d70616560d7b4ee17cc
MD5: 0a6deb1b3730bffe6546a7afc3b1cf1e
File size: 270336 bytes

Created files:

%WinDir%\41Hidden-Sabotage Port Test Edici.exe – Trojan Delf
%WinDir%\41Hidden-Sabotage Port Test Edici.exe.exe – Trojan Delf
%SysDir%\InstallDir\Server.exe – Trojan Delf

Trojan Delf created autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{M123GQ4I-5CQR-V3G0-7185-O8OTI1V7I4U7}\StubPath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images