UTILOCEANSETUP.EXE – Trojan Artemis


UTILOCEANSETUP.EXE – Trojan Artemis removal

File | MD5 | Virus Alias
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan Artemis
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan Qhost
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan SuspiciousFile
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan MulDrop4
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan Eldorado
UTILOCEANSETUP.EXE | 3a401daf1ddfd26a74cd05fec91805f9 | Trojan Agent

UTILOCEANSETUP.EXE size: 916196 bytes
UTILOCEANSETUP.EXE hash: 3A401DAF1DDFD26A74CD05FEC91805F9

Created files:

%Program Files%\Utilocean\COMDLG32.OCX
%Program Files%\Utilocean\Uninstall.exe
%Program Files%\Utilocean\utiloceandn.exe
%Program Files%\Utilocean\utiloceanup.exe
%SysDir%\INETKO.DLL
%WinDir%\utiloceansetup.exe

Autostart registry keys:

HKLM\Software\Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 : %WinDir%\System32\MSINET.OCX
HKLM\Software\Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKLM\Software\Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 : %Program Files%\Utilocean\COMDLG32.OCX
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\UtilOcean : %Program Files%\Utilocean\utiloceanup.exe

Detected by UnHackMe:

UTILOCEANSETUP.EXE
Default location: %WinDir%\UTILOCEANSETUP.EXE

Dropper information:
MD5: b2c361e7c627606fca789e1f2cc71d00
File size: 950152 bytes
