Virus Sality – dc.exe – 53a84290774665e9fcfc1576680c25c0

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Virus Sality
Also known as: Trojan Crypt, Trojan Agent
SHA256: 0b31fcbaca9227f3c4bed00e36b6206d6d27b23c3f93330c9bd3645245ea12ed
SHA1: 95d4c91c8c79743f3e51e62b2c219a40e51833d4
MD5: 53a84290774665e9fcfc1576680c25c0
File size: 212992 bytes

Created files:

%WinDir%\dc.exe – Virus Sality
%WinDir%\Help\Other.exe – Virus Sality
%WinDir%\inf\Other.exe – Virus Sality
%WinDir%\SVIQ.EXE – Virus Sality
%WinDir%\system\Fun.exe – Virus Sality
%SysDir%\config\Win.exe – Virus Sality
%SysDir%\WinSit.exe – Virus Sality

Virus Sality created autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: Explorer.exe %WinDir%\System32\WinSit.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dc2k5: %WinDir%\SVIQ.EXE
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Fun: %WinDir%\System\Fun.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dc: %WinDir%\dc.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %WinDir%\inf\Other.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images