Trojan StartPage – EEQ.exe – 07a932cac631b3bae84e7527382e9b10

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan StartPage
Also known as: Trojan Crypt, Worm Autorun
SHA256: f4814334d27659ef6142f890bb4f991b662f5a31ac371f847fddbdb8e28fafaa
SHA1: 5d357211583e13b427c24b70d208280bd5c4ddcf
MD5: 07a932cac631b3bae84e7527382e9b10
File size: 93708 bytes

Created files:

C:\EEQQ\EEQ.exe – Trojan StartPage
C:\EEQQ\QQE.exe – Trojan StartPage
%WinDir%\regedit.exe – Trojan StartPage
%SysDir%\dllcache\wscript.exe – Trojan StartPage
%SysDir%\jsujuibmhf\smss.exe – Trojan StartPage
%SysDir%\lukoxpsgte\explorer.exe – Trojan StartPage
%SysDir%\reg.exe – Trojan StartPage
%SysDir%\wscript.exe – Trojan StartPage
%Common DesktopDirectory%\Intennet Exploner.lnk – Trojan StartPage
%Common Startmenu%\Programs\Startup\abhaouujwj.lnk – Trojan StartPage

Trojan StartPage created autostart registry keys:

HKLM\Software\Classes\CLSID\{F986CC17-37C0-4585-B7D9-15F2161F0584}\InProcServer32 : %SystemRoot%\System32\shdocvw.dll
HKLM\Software\Classes\CLSID\{F986CC17-37C0-4585-B7D9-15F2161F0584}\InProcServer32\ThreadingModel: Apartment
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\run\jsujuibmhf: “%WinDir%\System32\jsujuibmhf\smss.exe” -l
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\run\lukoxpsgte: “%WinDir%\System32\lukoxpsgte\explorer.exe” -l
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe c:\eeqq\qqe.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images