INETINFO.EXE – Worm Brontok


INETINFO.EXE – Worm Brontok removal

File          MD5                               Virus Alias
INETINFO.EXE  0b7d3e03e96fd0e04f313831cfe2a12d  Worm Brontok
INETINFO.EXE  0b7d3e03e96fd0e04f313831cfe2a12d  Trojan Eldorado
INETINFO.EXE  0b7d3e03e96fd0e04f313831cfe2a12d  Worm Tanatos
INETINFO.EXE  0b7d3e03e96fd0e04f313831cfe2a12d  Virus Sality

INETINFO.EXE size: 159744 bytes
INETINFO.EXE hash: 0B7D3E03E96FD0E04F313831CFE2A12D

Created files:

C:\4c607d
%WinDir%\INF\norBtok.exe
%UserProfile%\Local Settings\Application Data\csrss.exe
%UserProfile%\Local Settings\Application Data\inetinfo.exe
%UserProfile%\Local Settings\Application Data\lsass.exe
%UserProfile%\Local Settings\Application Data\services.exe
%UserProfile%\Local Settings\Application Data\smss.exe
D:\4c6484
D:\cert\VBoxCertUtil.exe
%UserProfile%\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\run\Bron-Spizaetus: "%WinDir%\INF\norBtok.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\run\Tok-Cirrhatus: "%Local AppData%\smss.exe"

Detected by UnHackMe:

INETINFO.EXE
Default location: %LOCAL APPDATA%\INETINFO.EXE

Dropper information:
MD5: 0b7d3e03e96fd0e04f313831cfe2a12d
File size: 159744 bytes
