CHENZNWB.EXE – Unclassified Malware

Unclassified No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CHENZNWB.EXE – Unclassified Malware removal

CHENZNWB.EXE size: 65536 bytes
CHENZNWB.EXE hash: 767283AF3B693E80A2559A7DECEEBA78

Created files:

%TEMP%\IXP000.TMP\big5hz.ov1
%TEMP%\IXP000.TMP\chenbfck.exe
%TEMP%\IXP000.TMP\chenbmxg.exe
%TEMP%\IXP000.TMP\chencksz.exe
%TEMP%\IXP000.TMP\chendhz.chh
%TEMP%\IXP000.TMP\chengbk.ovl
%TEMP%\IXP000.TMP\chenhfck.exe
%TEMP%\IXP000.TMP\chenhu5.com
%TEMP%\IXP000.TMP\chenjfk.ov1
%TEMP%\IXP000.TMP\chenpymb.ov1
%TEMP%\IXP000.TMP\chenskfh.chh
%TEMP%\IXP000.TMP\chenszsj.chh
%TEMP%\IXP000.TMP\chenxf.exe
%TEMP%\IXP000.TMP\chenznwb.exe
%TEMP%\IXP000.TMP\chgbkbh.chh
%TEMP%\IXP000.TMP\chszsj01.chh
%TEMP%\IXP000.TMP\chszsj02.chh
%TEMP%\IXP000.TMP\chszsj03.chh
%TEMP%\IXP000.TMP\chszsj04.chh
%TEMP%\IXP000.TMP\chszsj43.chh
%TEMP%\IXP000.TMP\chszsj44.chh
%TEMP%\IXP000.TMP\chword.chh
%TEMP%\IXP000.TMP\cwb.ov1
%TEMP%\IXP000.TMP\install.exe
%TEMP%\IXP000.TMP\uwb.chh

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%TEMP%\IXP000.TMP\”

Detected by UnHackMe:

CHENZNWB.EXE
Default location: %TEMP%\IXP000.TMP\CHENZNWB.EXE

Dropper information:
MD5: 070e7ce419754d2d54ac99e5861ceed6
File size: 1078272 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images