Trojan-Ransom Winlock – bGygFEL2.exe – 90c2ff4b6dfc016a8d2f9c193bfff284

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan-Ransom Winlock
Also known as: Trojan CI, Trojan DNAScan
SHA256: cacdbffd53c111737c6fe8d10bbe5973ab1c0bf5379748156684d3f0a1c251c1
SHA1: e7a986a85ef2b8712b77cb75a3b3adf146af109a
MD5: 90c2ff4b6dfc016a8d2f9c193bfff284
File size: 241664 bytes

Created files:

%AppData%\bGygFEL2.exe – Trojan-Ransom Winlock

Trojan-Ransom Winlock created autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{uObPN34S-7p1e-oS5S-Glav-XOe8wsHM2mbA}\QBRwzroaS95FofL: “%AppData%\bGygFEL2.exe” /ActiveX
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\QBRwzroaS95FofL: %AppData%\bGygFEL2.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: %AppData%\bGygFEL2.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\QBRwzroaS95FofL: %AppData%\bGygFEL2.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: %AppData%\bGygFEL2.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images