UPDATEC2.OCX – Trojan Downloader

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

UPDATEC2.OCX – Trojan Downloader removal

FileMD5Virus Alias
UPDATEC2.OCX a4d8864d1498c054e9c1a17f4557d634 Trojan Downloader

UPDATEC2.OCX size: 34304 bytes
UPDATEC2.OCX hash: A4D8864D1498C054E9C1A17F4557D634

Created files:

%TEMP%\RarSFX0\JD\EmbedTradeLoginDll.dll
%TEMP%\RarSFX0\JD\JD.exe
%TEMP%\RarSFX0\JD\MSEmbedTradeLoginDll.dll
%TEMP%\RarSFX0\JD\QlUpdate.exe
%TEMP%\RarSFX0\JD\QsLoginDLL.dll
%TEMP%\RarSFX0\JD\SelectISP.exe
%TEMP%\RarSFX0\JD\updateC2.ocx
%TEMP%\RarSFX0\JD\UpdateEx.exe
%TEMP%\RarSFX0\QlSetup.exe
%TEMP%\RarSFX0\QlSysCfg\hkbroker.DBF
%TEMP%\RarSFX0\unsetup\UnSetup.exe
%TEMP%\RarSFX0\wt\cacert.crt
%TEMP%\RarSFX0\wt\public.pfx
%TEMP%\RarSFX0\wt\QLTRADE.exe
%TEMP%\RarSFX0\wt\QLTRADESTOCK.dll
%TEMP%\RarSFX0\wt\QlUpdate.exe
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeAccount.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeComboHisEntrust.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeTodayEntrust20121231.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeuser.ql
%TEMP%\RarSFX0\wt\QL_BigGrayRes.dll
%TEMP%\RarSFX0\wt\QL_BigRes.dll
%TEMP%\RarSFX0\wt\QL_GrayRes.dll
%TEMP%\RarSFX0\wt\QL_Res.dll
%TEMP%\RarSFX0\wt\srl.ql
%TEMP%\RarSFX0\wt\tradehint.ql
%TEMP%\RarSFX0\wt\tradenet.ql
%TEMP%\RarSFX0\wt\UnicodeFile.bin
%TEMP%\RarSFX0\wt\UnicodeFile_1.bin
%TEMP%\RarSFX0\wt\UnicodeFile_2.bin
%TEMP%\RarSFX0\wt\UnicodeFile_3.bin

Detected by UnHackMe:

UPDATEC2.OCX
Default location: %TEMP%\RARSFX0\JD\UPDATEC2.OCX

Dropper information:
MD5: 81f99504e893c75be7770370827a5070
File size: 4399714 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images