OFFERCAST_AVIRAV7_.EXE – Unclassified Malware

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

OFFERCAST_AVIRAV7_.EXE – Unclassified Malware removal

OFFERCAST_AVIRAV7_.EXE size: 1291696 bytes
OFFERCAST_AVIRAV7_.EXE hash: AE88282D08916C00A324F6A269924EA9

Created files:

%TEMP%\RarSFX0\64bitproxy.exe
%TEMP%\RarSFX0\aebb.dll
%TEMP%\RarSFX0\aecore.dll
%TEMP%\RarSFX0\aeemu.dll
%TEMP%\RarSFX0\aeexp.dll
%TEMP%\RarSFX0\aegen.dll
%TEMP%\RarSFX0\aehelp.dll
%TEMP%\RarSFX0\aeheur.dll
%TEMP%\RarSFX0\aeoffice.dll
%TEMP%\RarSFX0\aepack.dll
%TEMP%\RarSFX0\aerdl.dll
%TEMP%\RarSFX0\aesbx.dll
%TEMP%\RarSFX0\aescn.dll
%TEMP%\RarSFX0\aescript.dll
%TEMP%\RarSFX0\aevdf.dll
%TEMP%\RarSFX0\apcfile.dll
%TEMP%\RarSFX0\appremover_64.exe
%TEMP%\RarSFX0\appremover_api.dll
%TEMP%\RarSFX0\appremover_cli.exe
%TEMP%\RarSFX0\avacl.dll
%TEMP%\RarSFX0\avadmin.exe
%TEMP%\RarSFX0\avarkt.dll
%TEMP%\RarSFX0\avbb.dll
%TEMP%\RarSFX0\avcenter.exe
%TEMP%\RarSFX0\avconfig.dll
%TEMP%\RarSFX0\avconfig.exe
%TEMP%\RarSFX0\avesvc.dll
%TEMP%\RarSFX0\avevtlog.dll
%TEMP%\RarSFX0\avgio.dll
%TEMP%\RarSFX0\avgnt.exe
%TEMP%\RarSFX0\avguard.exe
%TEMP%\RarSFX0\avinet.dll
%TEMP%\RarSFX0\avipc.dll
%TEMP%\RarSFX0\avlode.dll
%TEMP%\RarSFX0\avmres.dll
%TEMP%\RarSFX0\avnotify.exe
%TEMP%\RarSFX0\avpref.dll
%TEMP%\RarSFX0\avreg.dll
%TEMP%\RarSFX0\avrep.dll
%TEMP%\RarSFX0\avrestart.exe
%TEMP%\RarSFX0\avscan.exe
%TEMP%\RarSFX0\avscplr.dll
%TEMP%\RarSFX0\avsda.dll
%TEMP%\RarSFX0\avsda64.dll
%TEMP%\RarSFX0\avsmtp.dll
%TEMP%\RarSFX0\avupgsvc.exe
%TEMP%\RarSFX0\avwebg7.exe
%TEMP%\RarSFX0\avwebgrd.exe
%TEMP%\RarSFX0\avwebloader.dll
%TEMP%\RarSFX0\avwebloader.exe
%TEMP%\RarSFX0\avwsc.exe
%TEMP%\RarSFX0\ccuac.exe
%TEMP%\RarSFX0\fact.exe
%TEMP%\RarSFX0\guardgui.exe
%TEMP%\RarSFX0\imp64b.exe
%TEMP%\RarSFX0\inssda64.exe
%TEMP%\RarSFX0\insthlp.exe
%TEMP%\RarSFX0\ipmgui.exe
%TEMP%\RarSFX0\licmgr.exe
%TEMP%\RarSFX0\offercast_avirav7_.exe
%TEMP%\RarSFX0\presetup.exe
%TEMP%\RarSFX0\ru-ru\avconfigrc.dll
%TEMP%\RarSFX0\ru-ru\avesvcr.dll
%TEMP%\RarSFX0\ru-ru\avevtrc.dll
%TEMP%\RarSFX0\ru-ru\avnotify.dll
%TEMP%\RarSFX0\ru-ru\avscanrc.dll
%TEMP%\RarSFX0\ru-ru\avwebgrc.dll
%TEMP%\RarSFX0\sched.exe
%TEMP%\RarSFX0\setup.exe
%TEMP%\RarSFX0\setuppending.exe
%TEMP%\RarSFX0\toastnotifier.exe
%TEMP%\RarSFX0\update.exe
%TEMP%\RarSFX0\updrgui.exe
%TEMP%\RarSFX0\vcredist_x86.exe
%TEMP%\RarSFX0\vista64\avipc64.dll
%TEMP%\RarSFX0\vista64\avshadow.exe
%TEMP%\RarSFX0\wsctool.exe
%TEMP%\RarSFX0\xp\avshadow.exe

Detected by UnHackMe:

OFFERCAST_AVIRAV7_.EXE
Default location: %TEMP%\RARSFX0\OFFERCAST_AVIRAV7_.EXE

Dropper information:
MD5: 1da3981fc2916d350d6d09a03c41d4e1
File size: 109660888 bytes

Leave a Reply