QLUPDATE.EXE – Unclassified Malware

Unclassified No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

QLUPDATE.EXE – Unclassified Malware removal

QLUPDATE.EXE size: 143436 bytes
QLUPDATE.EXE hash: D9CD90C30B50FD47B3F0ABD17F8FF0F6

Created files:

%TEMP%\RarSFX0\JD\EmbedTradeLoginDll.dll
%TEMP%\RarSFX0\JD\JD.exe
%TEMP%\RarSFX0\JD\MSEmbedTradeLoginDll.dll
%TEMP%\RarSFX0\JD\QlUpdate.exe
%TEMP%\RarSFX0\JD\QsLoginDLL.dll
%TEMP%\RarSFX0\JD\SelectISP.exe
%TEMP%\RarSFX0\JD\updateC2.ocx
%TEMP%\RarSFX0\JD\UpdateEx.exe
%TEMP%\RarSFX0\QlSetup.exe
%TEMP%\RarSFX0\QlSysCfg\hkbroker.DBF
%TEMP%\RarSFX0\unsetup\UnSetup.exe
%TEMP%\RarSFX0\wt\cacert.crt
%TEMP%\RarSFX0\wt\public.pfx
%TEMP%\RarSFX0\wt\QLTRADE.exe
%TEMP%\RarSFX0\wt\QLTRADESTOCK.dll
%TEMP%\RarSFX0\wt\QlUpdate.exe
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeAccount.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeComboHisEntrust.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeTodayEntrust20121231.ql
%TEMP%\RarSFX0\wt\QLUSRCFG\tradeuser.ql
%TEMP%\RarSFX0\wt\QL_BigGrayRes.dll
%TEMP%\RarSFX0\wt\QL_BigRes.dll
%TEMP%\RarSFX0\wt\QL_GrayRes.dll
%TEMP%\RarSFX0\wt\QL_Res.dll
%TEMP%\RarSFX0\wt\srl.ql
%TEMP%\RarSFX0\wt\tradehint.ql
%TEMP%\RarSFX0\wt\tradenet.ql
%TEMP%\RarSFX0\wt\UnicodeFile.bin
%TEMP%\RarSFX0\wt\UnicodeFile_1.bin
%TEMP%\RarSFX0\wt\UnicodeFile_2.bin
%TEMP%\RarSFX0\wt\UnicodeFile_3.bin

Detected by UnHackMe:

QLUPDATE.EXE
Default location: %TEMP%\RARSFX0\WT\QLUPDATE.EXE

Dropper information:
MD5: 81f99504e893c75be7770370827a5070
File size: 4399714 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images