SQPUHKIR.EXE – Worm AMN

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

SQPUHKIR.EXE – Worm AMN removal

File MD5 Virus Alias
SQPUHKIR.EXE 2ea4017f48e37c2362ddd5d1b9a69ffd Worm AMN
SQPUHKIR.EXE 2ea4017f48e37c2362ddd5d1b9a69ffd Trojan Generic
SQPUHKIR.EXE 2ea4017f48e37c2362ddd5d1b9a69ffd Trojan CI
SQPUHKIR.EXE 2ea4017f48e37c2362ddd5d1b9a69ffd Trojan Kryptik

SQPUHKIR.EXE size: 100976 bytes
SQPUHKIR.EXE hash: 2EA4017F48E37C2362DDD5D1B9A69FFD

Created files:

%UserProfile%\Local Settings\Application Data\sfdnuiwu\birafigl.exe
%UserProfile%\Start Menu\Programs\Startup\birafigl.exe
%TEMP%\sqpuhkir.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,,%Local AppData%\sfdnuiwu\birafigl.exe
HKLM\System\CurrentControlSet\Services\wscsvc\Start: 04000000
HKLM\System\CurrentControlSet\Services\wuauserv\Start: 04000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\BirAfigl: %Local AppData%\sfdnuiwu\birafigl.exe

Detected by UnHackMe:

SQPUHKIR.EXE
Default location: %TEMP%\SQPUHKIR.EXE

Dropper information:
MD5: 2ea4017f48e37c2362ddd5d1b9a69ffd
File size: 100976 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images