WINWORD.DOC.EXE – Worm Autoit

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

WINWORD.DOC.EXE – Worm Autoit removal

File MD5 Virus Alias
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Worm Autoit
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Trojan SuspiciousFile
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Trojan Generic
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Trojan Runner
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Worm Sohanat
WINWORD.DOC.EXE 5615af1193bf5a4d5f8077f246eae86c Worm Autorun

WINWORD.DOC.EXE size: 261697 bytes
WINWORD.DOC.EXE hash: 5615AF1193BF5A4D5F8077F246EAE86C

Created files:

C:\Documents and Settings\Default User\Templates\winword.doc.exe
%SysDir%\aclxbiopggnahli.exe
%SysDir%\cfomzhfqqv.exe
%SysDir%\eaduivnxqmuiy.exe
%SysDir%\msvbvm50.259
%SysDir%\msvbvm60.871
%SysDir%\pckhar.exe
%SysDir%\tqawyhqr.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nkbrezhw: cfomzhfqqv.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\xjtudgry: aclxbiopggnahli.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : eaduivnxqmuiy.exe
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname: VirusBenci
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\NV Hostname: VirusBenci

Detected by UnHackMe:

WINWORD.DOC.EXE
Default location: C:\DOCUMENTS AND SETTINGS\DEFAULT USER\TEMPLATES\WINWORD.DOC.EXE

Dropper information:
MD5: 0cfb52d555bdc8aa532cb612670c1e1f
File size: 261681 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images