Trojan Swisyn – explorer.exe – 0f0e9b1a4106265cd98d88376e86c939

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Trojan Swisyn
Also known as: Trojan Agent, Trojan Eldorado
SHA256: 2b008b4b77de0a3c1f82115c3eb749702ffd14807ac3cd7bbf3397cd1c935109
SHA1: f96302667800a92e716cd8ed670b0e6e6faee46d
MD5: 0f0e9b1a4106265cd98d88376e86c939
File size: 211944 bytes

Created files:

C:\windows\system\explorer.exe – Trojan Swisyn
C:\windows\system\spoolsv.exe – Trojan Swisyn
C:\windows\system\svchost.exe – Trojan Swisyn
%AppData%\mrsys.exe – Trojan Swisyn

Trojan Swisyn created autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999}\StubPath: %AppData%\mrsys.exe MR
HKLM\Software\Microsoft\Active Setup\Installed Components\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666}\StubPath: %AppData%\mrsys.exe MR
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Explorer: c:\windows\System\explorer.exe RO
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\Svchost: c:\windows\System\svchost.exe RO
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: C:\windows\explorer.exe, c:\windows\System\explorer.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images