Worm Dumaru – nload.exe – 7a645ce980aadd51e54435920a504850

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Worm Dumaru
SHA256: 59de7d9cbd8fd167bd2b922c44f0a034105ef710a121578a0bdbd83e9189d1b7
SHA1: 31f02c4d18567e6f37922de7448d89cf611f0a82
MD5: 7a645ce980aadd51e54435920a504850
File size: 40960 bytes

Created files:

C:\nload.exe – Worm Dumaru
%SysDir%\1111a.exe – Worm Dumaru
%SysDir%\1111c.exe – Worm Dumaru
%Startup%\1111b.exe – Worm Dumaru

Worm Dumaru created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\load32: %WinDir%\System32\1111a.exeS?x???`??s??s??$” | ??s |x?’?s??s??'(?e |?sP???s?s??E$ |?s0 $ |x?? |???sh: ’?s??s??sx?@??s ???|?$ |????0 $ |?’ |?s$ |’|
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: explorer.exe %WinDir%\System32\1111c.exe
HKLM\System\CurrentControlSet\Services\SharedAccess\Start: 03000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images