Quantcast
Channel: How to Remove Malware
Viewing all articles
Browse latest Browse all 38585

INSTAGRAM HACK V4.0 [UPDATED].EXE is Trojan Graftor

$
0
0

We checked some samples of INSTAGRAM HACK V4.0 [UPDATED].EXE and detected the file INSTAGRAM HACK V4.0 [UPDATED].EXE as threat.
Remove the INSTAGRAM HACK V4.0 [UPDATED].EXE file from your computer right now.
Removal tool: http://www.unhackme.com

Malware Analysis of INSTAGRAM HACK V4.0 [UPDATED].EXE
Full path on a computer: %Temp%\Instagram Hack v4.0 [UPDATED].exe

Detected by UnHackMe:

Item Name: wdlcf
Author:
Current Setting: C:\DOCUME~1\ADMINI~1\WDLCF\72783.VBS
Type: Registry RunOnce

Item Name: start.lnk
Author:
Current Setting: %PROFILE%\WDLCF\72783.VBS
Type: Startup Folder

INSTAGRAM HACK V4.0 [UPDATED].EXE
Default location: %Temp%\Instagram Hack v4.0 [UPDATED].exe

Removal Results: Success
Number of reboot: 1

INSTAGRAM HACK V4.0 [UPDATED].EXE is known as:

Trojan.Graftor, RAR.Agent.O, Luhe.Cryptic.F, Trojan.RAR.Agent.O

INSTAGRAM HACK V4.0 [UPDATED].EXE hash:

  • MD5: c38c5a270d6201431a2bb596c1c1696d
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect INSTAGRAM HACK V4.0 [UPDATED].EXE presence?
Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\wdlcf: “C:\DOCUME~1\ADMINI~1\wdlcf\72783.vbs”
Folders:
  • %Appdata%\dclogs
  • %Profile%\wdlcf
Files:
  • %Startup%\start.lnk
  • %Profile%\wdlcf\72783.vbs
  • %Profile%\wdlcf\82347.cmd
  • %Profile%\wdlcf\i.VWI
  • %Profile%\wdlcf\tzCXM.vbs
  • %Profile%\wdlcf\uII.QSB
  • %Profile%\wdlcf\wNPE.exe
  • %Profile%\wdlcf\YGcxaaV.XRV
  • %Temp%\Instagram Hack v4.0 [UPDATED].exe


Viewing all articles
Browse latest Browse all 38585

Trending Articles