Quantcast
Channel: How to Remove Malware
Viewing all articles
Browse latest Browse all 38585

CASRCSSB.EXE is Backdoor Graybird

$
0
0

The program CASRCSSB.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with CASRCSSB.EXE.
Download for free: http://www.unhackme.com

Malware Analysis of CASRCSSB.EXE
Full path on a computer: %Temp%\casrcssb.exe

Detected by UnHackMe:

CASRCSSB.EXE
Default location: %Temp%\casrcssb.exe

Removal Results: Success
Number of reboot: 1

CASRCSSB.EXE is known as:

Backdoor.Graybird, W32.Packed_Upack.H, Cryp_Upack, not-a-virus:Server-Proxy.CCProxy.x, Trojan.Agent.Gen-Delf, Packed.Klone.~KMG, Packed.Upack (v), SPR.Tool.CCProxy.B.108, Mal.Behav-004, Troj.Undef.(kcloud), HackTool.CCProxy.B, Packed.UPack, Packed.Upack, Backdoor.Graybird.rem, a variant of Win32.Spy.Agent.OAS, HackTool.CCProxy

CASRCSSB.EXE hash:

  • MD5: 12e66d47d6e9d17129bd54fd28ed9d2e
The file tries to download information from some web sites.
How to quickly detect CASRCSSB.EXE presence?
Registry:
  • HKLM\Software\Microsoft\Windows\CurrentVersion\Run\casrcssb.exe: “%Temp%\casrcssb.exe”
Files:
  • %Temp%\0633147534.dll
  • %Temp%\3631357058.dll
  • %Temp%\7309C975-59D4-4797-8601-3952BCA6173F.dat
  • %Temp%\casrcssb.exe


Viewing all articles
Browse latest Browse all 38585

Trending Articles