Trojan Delf – Qohup.exe – 17e2194b384dc348888c12b8734fa0aa

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Delf
Also known as: Trojan FakeAV, Trojan Small
SHA256: f5507d5fca1ffc3316257bc03b70eaac7034503943ce8d6381d5ac7ae73483a7
SHA1: ee0abf0e95c06080e046960ad8e710551cbb0796
MD5: 17e2194b384dc348888c12b8734fa0aa
File size: 10850294 bytes

Created files:

%Program Files%\Empdu\Qohup.exe – Trojan Delf
%Program Files%\Empdu\Qrao.exe – Trojan Delf
%Program Files%\Empdu\Uihu\Ifib.dll – Trojan Delf
%Temp%\g868\Neuxpower.NXPowerLite.v4.1.2.Multilingual.Regged.exe – Trojan Delf

Trojan Delf created autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Empdu\Qrao.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images