U94.EXE – Worm Autorun

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

U94.EXE – Worm Autorun removal

FileMD5Virus Alias
U94.EXE 532602ecc4557cbc66e7a57199e34286 Worm Autorun
U94.EXE 532602ecc4557cbc66e7a57199e34286 Trojan Generic
U94.EXE 532602ecc4557cbc66e7a57199e34286 Trojan MulDrop4
U94.EXE 532602ecc4557cbc66e7a57199e34286 Backdoor Hupigon
U94.EXE 532602ecc4557cbc66e7a57199e34286 Trojan Agent
U94.EXE 532602ecc4557cbc66e7a57199e34286 Trojan ADH

U94.EXE size: 526336 bytes
U94.EXE hash: 532602ECC4557CBC66E7A57199E34286

Created files:

%SysDir%\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\devil.exe
%SysDir%\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\U94.exe
%Temp%\IXP000.TMP\devil.exe
%Temp%\IXP000.TMP\U94.exe
%Temp%\~nvasvniubiumugh
%Temp%\~palmwhjoaijbmli

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%Temp%\IXP000.TMP\”

Detected by UnHackMe:

U94.EXE
Default location: %SYSDIR%\SOFTWAREDISTRIBUTION\SETUP\SERVICESTARTUP\WUPS2.DLL\7.4.7600.226\U94.EXE

Dropper information:
MD5: 00fefbc50153fb04c96ecf6d31995f9a
File size: 666071 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images