Worm Ainslot – rundll32.exe – 2167c208d673b214e44648492a734001

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Worm Ainslot
Also known as: Trojan Jorik, Trojan Swisyn
SHA256: 45384145f3d97e35b7547c2997f64e5b6be07e48fb202a9c7a5e61a64ab6fe1f
SHA1: b9901ba943cd433441d533c41bca8a161702ed43
MD5: 2167c208d673b214e44648492a734001
File size: 179200 bytes

Created files:

%AppData%\Microsoft\rundll32.exe – Worm Ainslot
%AppData%\Microsoft\taskhost.dll – Worm Ainslot

Worm Ainslot created autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{1CDFBB6E-C796-A634-C2C9-E7EF39CBAC56}\StubPath: %AppData%\Microsoft\rundll32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\Windows Defender: %AppData%\Microsoft\rundll32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender: %AppData%\Microsoft\rundll32.exe
HKCU\Software\Microsoft\Active Setup\Installed Components\{1CDFBB6E-C796-A634-C2C9-E7EF39CBAC56}\StubPath: %AppData%\Microsoft\rundll32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender: %AppData%\Microsoft\rundll32.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images