We checked some samples of INSTAGRAM HACK V4.0 [UPDATED].EXE and detected the file INSTAGRAM HACK V4.0 [UPDATED].EXE as threat.
Remove the INSTAGRAM HACK V4.0 [UPDATED].EXE file from your computer right now.
Removal tool: http://www.unhackme.com
Malware Analysis of INSTAGRAM HACK V4.0 [UPDATED].EXE
Full path on a computer: %Temp%\Instagram Hack v4.0 [UPDATED].exe
Detected by UnHackMe:
Item Name: wdlcf
Author:
Current Setting: C:\DOCUME~1\ADMINI~1\WDLCF\72783.VBS
Type: Registry RunOnce
Item Name: start.lnk
Author:
Current Setting: %PROFILE%\WDLCF\72783.VBS
Type: Startup Folder
INSTAGRAM HACK V4.0 [UPDATED].EXE
Default location: %Temp%\Instagram Hack v4.0 [UPDATED].exe
Removal Results: Success
Number of reboot: 1
INSTAGRAM HACK V4.0 [UPDATED].EXE is known as:
Trojan.Graftor, RAR.Agent.O, Luhe.Cryptic.F, Trojan.RAR.Agent.O
INSTAGRAM HACK V4.0 [UPDATED].EXE hash:
- MD5: c38c5a270d6201431a2bb596c1c1696d
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect INSTAGRAM HACK V4.0 [UPDATED].EXE presence?
Registry:
- HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\wdlcf: “C:\DOCUME~1\ADMINI~1\wdlcf\72783.vbs”
Folders:
- %Appdata%\dclogs
- %Profile%\wdlcf
Files:
- %Startup%\start.lnk
- %Profile%\wdlcf\72783.vbs
- %Profile%\wdlcf\82347.cmd
- %Profile%\wdlcf\i.VWI
- %Profile%\wdlcf\tzCXM.vbs
- %Profile%\wdlcf\uII.QSB
- %Profile%\wdlcf\wNPE.exe
- %Profile%\wdlcf\YGcxaaV.XRV
- %Temp%\Instagram Hack v4.0 [UPDATED].exe