Channel: How to Remove Malware

JYZQZZ.EXE is BackDoor.Maxplus.306


We checked the file JYZQZZ.EXE and found it hazardous.
The file JYZQZZ.EXE must be deleted from the system immediately.
Kill the process JYZQZZ.EXE and remove JYZQZZ.EXE from the Windows startup.

Malware Analysis of JYZQZZ.EXE
Full path on a computer: %Appdata%\Jyzqzz.exe

Detected by UnHackMe:

JYZQZZ.EXE
Default location: %Appdata%\Jyzqzz.exe

Removal Results: Success
Number of reboots: 1

JYZQZZ.EXE is known as:

BackDoor.Maxplus.306, Troj.Undef.(kcloud), a variant of Win32.Injector.AIEH, Backdoor.Ruskill

JYZQZZ.EXE hash:

  • MD5: 87b14bee0752fef92bd6d3703a6bfb0c
The file is used to download and install other malware, Trojans and viruses on commands received from the Command Center.
How to quickly detect the presence of JYZQZZ.EXE?
Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Jyzqzz: "%Appdata%\Jyzqzz.exe"
Folders:
  • %Temp%\RarSFX0
Files:
  • %Appdata%\Jyzqzz.exe
  • %Temp%\RarSFX0\photo.jpg

