XHEEPZWWHRO.EXE – Trojan Vilsel

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

XHEEPZWWHRO.EXE – Trojan Vilsel removal

FileMD5Virus Alias
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Trojan Vilsel
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Trojan Generic
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Trojan Eldorado
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Trojan PAM
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Trojan Renos
XHEEPZWWHRO.EXE a58df06985548f1e45fc9b2eebb5b5ae Worm Autorun

XHEEPZWWHRO.EXE size: 327680 bytes
XHEEPZWWHRO.EXE hash: A58DF06985548F1E45FC9B2EEBB5B5AE

Created files:

%WinDir%\dupzshbrnzxnqwhyt.exe
%WinDir%\kecpldatshibhqeywjfx.exe
%WinDir%\mealfvqherqhlsewsd.exe
%WinDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\dupzshbrnzxnqwhyt.exe
%SysDir%\kecpldatshibhqeywjfx.exe
%SysDir%\mealfvqherqhlsewsd.exe
%SysDir%\qmmbztsnofidlwmiixvpoj.exe
%SysDir%\wmgphvodyjgvxcmc.exe
%SysDir%\xqnzulhzxlldiqdwtfa.exe
%SysDir%\zuthexvppfhbishcbpmfd.exe
%TEMP%\dupzshbrnzxnqwhyt.exe
%TEMP%\kecpldatshibhqeywjfx.exe
%TEMP%\mealfvqherqhlsewsd.exe
%TEMP%\qmmbztsnofidlwmiixvpoj.exe
%TEMP%\wmgphvodyjgvxcmc.exe
%TEMP%\xeppydn.exe
%TEMP%\xheepzwwhro.exe
%TEMP%\xqnzulhzxlldiqdwtfa.exe
%TEMP%\zuthexvppfhbishcbpmfd.exe
%WinDir%\wmgphvodyjgvxcmc.exe
%WinDir%\xqnzulhzxlldiqdwtfa.exe
%WinDir%\zuthexvppfhbishcbpmfd.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\mughrxip: dupzshbrnzxnqwhyt.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\zenls: %TEMP%\kecpldatshibhqeywjfx.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: dupzshbrnzxnqwhyt.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\oaqvjtitkrkv: %TEMP%\dupzshbrnzxnqwhyt.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: dupzshbrnzxnqwhyt.exe .
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\rcrvirfpfld: %TEMP%\mealfvqherqhlsewsd.exe .
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dmzbmtfnb: zuthexvppfhbishcbpmfd.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\kqazhl: %TEMP%\xqnzulhzxlldiqdwtfa.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\wguxjrench: zuthexvppfhbishcbpmfd.exe .
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\xeppydn: %TEMP%\mealfvqherqhlsewsd.exe .

Detected by UnHackMe:

XHEEPZWWHRO.EXE
Default location: %TEMP%\XHEEPZWWHRO.EXE

Dropper information:
MD5: 461ac5e258d506cc6aec320bef458a25
File size: 479232 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images