SYSTEMXX32.EXE – Worm Ainslot

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SYSTEMXX32.EXE – Worm Ainslot removal

FileMD5Virus Alias
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Worm Ainslot
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Backdoor Blackshades
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Backdoor Maximus
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Trojan Agent
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Trojan Swisyn
SYSTEMXX32.EXE 9d98fdaf364fe0f246b5727a2d09d0bd Trojan FakeAV

SYSTEMXX32.EXE size: 466944 bytes
SYSTEMXX32.EXE hash: 9D98FDAF364FE0F246B5727A2D09D0BD

Created files:

%AppData%\Windows\systemxx32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{20A70DBC-401A-CFB4-5CE0-AAAEB6CB9D2E}\StubPath: %WinDir%\System32\config\Systemprofile\Application Data\Windows\Systemxx32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\windefender.exe: %WinDir%\System32\config\Systemprofile\Application Data\Windows\Systemxx32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\windefender.exe: %WinDir%\System32\config\Systemprofile\Application Data\Windows\Systemxx32.exe
HKCU\Software\Microsoft\Active Setup\Installed Components\{20A70DBC-401A-CFB4-5CE0-AAAEB6CB9D2E}\StubPath: %WinDir%\System32\config\Systemprofile\Application Data\Windows\Systemxx32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\windefender.exe: %WinDir%\System32\config\Systemprofile\Application Data\Windows\Systemxx32.exe

Detected by UnHackMe:

SYSTEMXX32.EXE
Default location: %APPDATA%\WINDOWS\SYSTEMXX32.EXE

Dropper information:
MD5: 9d98fdaf364fe0f246b5727a2d09d0bd
File size: 466944 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images