DLLCHACHE.EXE – Worm Brontok

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

DLLCHACHE.EXE – Worm Brontok removal

FileMD5Virus Alias
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Worm Brontok
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Trojan SuspiciousFile
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Trojan Hllw
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Trojan Agent
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Trojan FakeAV
DLLCHACHE.EXE 20dd93fc004fd0ed801abfea9aead648 Backdoor IRCBot

DLLCHACHE.EXE size: 37888 bytes
DLLCHACHE.EXE hash: 20DD93FC004FD0ED801ABFEA9AEAD648

Created files:

C:\msvbvm60.dll
%SysDir%\dllcache\msvbvm60.dll
%SysDir%\dllcache\Regedit32.com
%SysDir%\dllcache\Shell32.com
%SysDir%\dllchache\msvbvm60.dll
%SysDir%\dllchache.exe
%SysDir%\M5VBVM60.EXE
%SysDir%\msvbvm60.dll
%SysDir%\rund1132.exe
%SysDir%.exe

Autostart registry keys:

HKLM\Software\Classes\txtfile\shell\open\command : %WinDir%\System32\rund1132.exe %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Blank AntiViri: C:\AUT0EXEC.BAT StartUp
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe, “%WinDir%\System32\M5VBVM60.EXE StartUp”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Secure64: %WinDir%\System32\dllcache\Regedit32.com StartUp
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Secure32: %WinDir%\System32\dllcache\Shell32.com StartUp

Detected by UnHackMe:

DLLCHACHE.EXE
Default location: %SYSDIR%\DLLCHACHE.EXE

Dropper information:
MD5: 20dd93fc004fd0ed801abfea9aead648
File size: 37888 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images