Trojan Generic.KD – crrss.exe – 6700bb27f9521ff0f6f9499c8c156d76

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Generic.KD
Also known as: Trojan Agent, Worm Autorun
SHA256: 6758f7fe046682dc2ab7cf7ef1e53db53f8a0388dacf570b0645c4fab51dcf5f
SHA1: 11052ae2204fd1993ca78f2c9df545c6ef791ec2
MD5: 6700bb27f9521ff0f6f9499c8c156d76
File size: 87040 bytes

Created files:

%SysDir%\crrss.exe – Trojan Generic.KD
%Temp%\oid.bat – Trojan Generic.KD
%UserProfile%\ss.exe – Trojan Generic.KD
%UserProfile%\winlogon.exe – Trojan Generic.KD

Trojan Generic.KD created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\crrss: %WinDir%\System32\crrss.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\System32\crrss.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\winlogon: %UserProfile%\winlogon.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: explorer.exe “%UserProfile%\winlogon.exe”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images