LSASS.EXE – Worm Brontok

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

LSASS.EXE – Worm Brontok removal

FileMD5Virus Alias
LSASS.EXE 902792c0116adf49f55f111e82c81db0 Worm Brontok
LSASS.EXE 902792c0116adf49f55f111e82c81db0 Trojan Agent

LSASS.EXE size: 81920 bytes
LSASS.EXE hash: 902792C0116ADF49F55F111E82C81DB0

Created files:

%WinDir%\INF\norBtok.exe
%Local AppData%\csrss.exe
%Local AppData%\inetinfo.exe
%Local AppData%\lsass.exe
%Local AppData%\services.exe
%Local AppData%\smss.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\run\Bron-Spizaetus: “%WinDir%\INF\norBtok.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\run\Tok-Cirrhatus: “%WinDir%\System32\config\Systemprofile\Local Settings\Application Data\smss.exe”

Detected by UnHackMe:

LSASS.EXE
Default location: %LOCAL APPDATA%\LSASS.EXE

Dropper information:
MD5: 902792c0116adf49f55f111e82c81db0
File size: 81920 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images