Virus Sality – run.bat – 598804a3aad6bbbd0ec2946772f63e03

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Virus Sality
Also known as: Trojan Agent
SHA256: b696adcd2f0f081b3702116d057a02c66d711080e76db5d5ffe75e132eecf8b3
SHA1: c82760b0942e07631fbe41a68951fdc8b031ca5a
MD5: 598804a3aad6bbbd0ec2946772f63e03
File size: 886008 bytes

Created files:

%WinDir%\spoolv\run.bat – Virus Sality
%WinDir%\spoolv\spoolv.exe – Virus Sality
%Temp%\0018704C_Rar\598804A3AAD6BBBD0EC2946772F63E03.EXE – Virus Sality
%Temp%\001874C2_Rar\598804A3AAD6BBBD0EC2946772F63E03.EXE – Virus Sality
%Temp%\00187A46_Rar\598804A3AAD6BBBD0EC2946772F63E03.EXE – Virus Sality

Virus Sality created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\spoolv: “C:\Windows\spoolv\spoolv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\Application: “C:\Windows\spoolv\spoolv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\AppDirectory: “C:\Windows\spoolv\spoolv.exe”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images