INETINFO.EXE – Worm Brontok

INETINFO.EXE – Worm Brontok removal

File          MD5                               Virus Alias
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Worm Brontok
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Trojan SuspiciousFile
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Trojan Generic
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Trojan Xema
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Trojan Eldorado
INETINFO.EXE  c27efafad30060e52770c4cda28d3183  Trojan Agent

INETINFO.EXE size: 40928 bytes
INETINFO.EXE hash: C27EFAFAD30060E52770C4CDA28D3183

Created files:

%WinDir%\eksplorasi.pif
%WinDir%\ShellNew\bronstab.exe
%Local AppData%\csrss.exe
%Local AppData%\inetinfo.exe
%Local AppData%\lsass.exe
%Local AppData%\services.exe
%Local AppData%\smss.exe
%Local AppData%\winlogon.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\run\Bron-Spizaetus: “%WinDir%\ShellNew\bronstab.exe”
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe “%WinDir%\eksplorasi.pif”
HKCU\Software\Microsoft\Windows\CurrentVersion\run\Tok-Cirrhatus: “%WinDir%\System32\config\Systemprofile\Local Settings\Application Data\smss.exe”

Detected by UnHackMe:

INETINFO.EXE
Default location: %LOCAL APPDATA%\INETINFO.EXE

Dropper information:
MD5: c27efafad30060e52770c4cda28d3183
File size: 40928 bytes
