Trojan Magania – 352c4654.sys – 8c3cab3a4461522e7fd895832fbe9361

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Magania
Also known as: Worm Autorun, Trojan Crypt
SHA256: 673191ae465a25227efedae42a9a79a4285a4d9446216f8fd2d8ababedc28c7f
SHA1: db12f54b911740c76c35a0379ce6655a8d5c081e
MD5: 8c3cab3a4461522e7fd895832fbe9361
File size: 194560 bytes

Created files:

%SysDir%\drivers\352c4654.sys – Trojan Magania
%SysDir%\drivers\498773d2.sys – Trojan Magania
%SysDir%\poorcd.dll – Trojan Magania
%SysDir%\wshtcpcd.dll – Trojan Magania
%Temp%\2uWyQF6f.dll – Trojan Magania
%Temp%\Coor.bat – Trojan Magania
%Temp%\wyuB6w.dll – Trojan Magania

Trojan Magania created autostart registry keys:

HKLM\Software\Classes\CLSID\{6E51C402-5F6C-4F6C-8296-3345C441F1FE}\InprocServer32 : %WinDir%\System32\poorcd.dll
HKLM\System\CurrentControlSet\Services\352c4654\Type: 01000000
HKLM\System\CurrentControlSet\Services\352c4654\Start: 01000000
HKLM\System\CurrentControlSet\Services\352c4654\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\352c4654\DisplayName: 352c4654
HKLM\System\CurrentControlSet\Services\352c4654\ImagePath: \??\%WinDir%\System32\drivers\352c4654.sys
HKLM\System\CurrentControlSet\Services\498773d2\Type: 01000000
HKLM\System\CurrentControlSet\Services\498773d2\Start: 01000000
HKLM\System\CurrentControlSet\Services\498773d2\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\498773d2\DisplayName: 498773d2
HKLM\System\CurrentControlSet\Services\498773d2\ImagePath: \??\%WinDir%\System32\drivers\498773d2.sys

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images