Worm Palevo – lsass.exe – 87f07aef836b4db89557f91e476b00d5

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Worm Palevo
Also known as: Trojan Birele, Trojan Swisyn
SHA256: fa977f6fff93e0477b5560212b6fd2ee788a5702d5b6297853d9f48882c6a4c1
SHA1: 89ba7e592914a01880a22a9264d82e348c16b6ef
MD5: 87f07aef836b4db89557f91e476b00d5
File size: 561152 bytes

Created files:

%AppData%\Microsoft\lsass.exe – Worm Palevo
%Temp%\irc.exe – Worm Palevo

Worm Palevo created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\MSWUpdate: %AppData%\Microsoft\lsass.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MSWUpdate: %AppData%\Microsoft\lsass.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: C:\Windows\System32\userinit.exe,%AppData%\Microsoft\lsass.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\MSWUpdate: %AppData%\Microsoft\lsass.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MSWUpdate: %AppData%\Microsoft\lsass.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images