The program CASRCSSB.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with CASRCSSB.EXE.
Download for free: http://www.unhackme.com
Malware Analysis of CASRCSSB.EXE
Full path on a computer: %Temp%\casrcssb.exe
Detected by UnHackMe:
CASRCSSB.EXE
Default location: %Temp%\casrcssb.exe
Removal Results: Success
Number of reboot: 1
CASRCSSB.EXE is known as:
Backdoor.Graybird, W32.Packed_Upack.H, Cryp_Upack, not-a-virus:Server-Proxy.CCProxy.x, Trojan.Agent.Gen-Delf, Packed.Klone.~KMG, Packed.Upack (v), SPR.Tool.CCProxy.B.108, Mal.Behav-004, Troj.Undef.(kcloud), HackTool.CCProxy.B, Packed.UPack, Packed.Upack, Backdoor.Graybird.rem, a variant of Win32.Spy.Agent.OAS, HackTool.CCProxy
CASRCSSB.EXE hash:
- MD5: 12e66d47d6e9d17129bd54fd28ed9d2e
The file tries to download information from some web sites.
How to quickly detect CASRCSSB.EXE presence?
Registry:
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\casrcssb.exe: “%Temp%\casrcssb.exe”
Files:
- %Temp%\0633147534.dll
- %Temp%\3631357058.dll
- %Temp%\7309C975-59D4-4797-8601-3952BCA6173F.dat
- %Temp%\casrcssb.exe