Virus Sality – run.bat – be814c8a962f561dd73cb942657019fb

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Virus Sality
Also known as: Trojan Agent
SHA256: 9f551e3d8c66f0bdf4783ececef590a17942977b87b3f66e5e8db55509402137
SHA1: c6e55b3928ad1052efde0d7b693817b4d60f27d7
MD5: be814c8a962f561dd73cb942657019fb
File size: 885611 bytes

Created files:

%WinDir%\spoolv\run.bat – Virus Sality
%WinDir%\spoolv\spoolv.exe – Virus Sality
%Temp%\0025BD5A_Rar\BE814C8A962F561DD73CB942657019FB.EXE – Virus Sality
%Temp%\0025C05D_Rar\BE814C8A962F561DD73CB942657019FB.EXE – Virus Sality
%Temp%\0025C3EC_Rar\BE814C8A962F561DD73CB942657019FB.EXE – Virus Sality

Virus Sality created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\spoolv: “C:\Windows\spoolv\spoolv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\Application: “C:\Windows\spoolv\spoolv.exe”
HKLM\System\CurrentControlSet\Services\svchost\Parameters\AppDirectory: “C:\Windows\spoolv\spoolv.exe”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images