IMDCSC.exe – Virus Sality

November 12, 2012

Alex NightWatcher

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

IMDCSC.exe – Virus Sality removal

File	Virus Alias
IMDCSC.exe	Virus Sality

Created files:

%SysDir%\config\systemprofile\Cookies\DCSCMIN\IMDCSC.exe – Virus Sality
%WinDir%\TEMP\00161C03_Rar\427B082AB73AA92B34D277CC71D55488.EXE – Virus Sality

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit: %WinDir%\System32\userinit.exe,%WinDir%\System32\config\Systemprofile\Cookies\DCSCMIN\IMDCSC.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\DarkComet RAT: %WinDir%\System32\config\Systemprofile\Cookies\DCSCMIN\IMDCSC.exe

Detected by UnHackMe:

IMDCSC.exe
Default location: %SysDir%\config\systemprofile\Cookies\DCSCMIN\IMDCSC.exe

Dropper information:
SHA256: ef345ca236dff16f310ad8d09af4fbb4f1c7f6ae11cd0b00d18dc740287a8c57
SHA1: 289b551e523adfc5b8be5235a01d6a7c37b68712
MD5: 427b082ab73aa92b34d277cc71d55488
File size: 311808 bytes

Leave a Reply Cancel reply

You must be logged in to post a comment.