SQPUHKIR.EXE – Worm AMN

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SQPUHKIR.EXE – Worm AMN removal

FileMD5Virus Alias
SQPUHKIR.EXE 8388ea91a2d7fd290a6b0c32f3dd5f7c Worm AMN
SQPUHKIR.EXE 8388ea91a2d7fd290a6b0c32f3dd5f7c Trojan SuspiciousFile
SQPUHKIR.EXE 8388ea91a2d7fd290a6b0c32f3dd5f7c Trojan Artemis
SQPUHKIR.EXE 8388ea91a2d7fd290a6b0c32f3dd5f7c Trojan Generic
SQPUHKIR.EXE 8388ea91a2d7fd290a6b0c32f3dd5f7c Trojan DNAScan

SQPUHKIR.EXE size: 92712 bytes
SQPUHKIR.EXE hash: 8388EA91A2D7FD290A6B0C32F3DD5F7C

Created files:

%UserProfile%\Local Settings\Application Data\sfdnuiwu\birafigl.exe
%UserProfile%\Start Menu\Programs\Startup\birafigl.exe
%TEMP%\sqpuhkir.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,,%Local AppData%\sfdnuiwu\birafigl.exe
HKLM\System\CurrentControlSet\Services\wscsvc\Start: 04000000
HKLM\System\CurrentControlSet\Services\wuauserv\Start: 04000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\BirAfigl: %Local AppData%\sfdnuiwu\birafigl.exe

Detected by UnHackMe:

SQPUHKIR.EXE
Default location: %TEMP%\SQPUHKIR.EXE

Dropper information:
MD5: 8388ea91a2d7fd290a6b0c32f3dd5f7c
File size: 92712 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images