Is the file OBRA.EXE located on your computer? Then your computer is infected.
We do suggest you should remove OBRA.EXE from your computer as soon as possible.
OBRA.EXE is Trojan/Backdoor.
Kill the process OBRA.EXE and remove OBRA.EXE from the Windows startup.
Malware Analysis of OBRA.EXE
Full path on a computer: %Appdata%\obra.exe
Detected by UnHackMe:
OBRA.EXE
Default location: %Appdata%\obra.exe
Removal Results: Success
Number of reboot: 1
OBRA.EXE is known as:
Trojan.Agent.DE, Trojan ( 0000000c1 ), Trojan.ATRAPS.OTqbuCd7xHg, W32.Trojan.UZTO-3258, Win32.DH{DyAiIyVNEw}, Win32.Trojan.676
OBRA.EXE hash:
- MD5: 828e8eaa0e36cd1382a59e1cf61c9bce
The file tries to download information from some web sites.
How to quickly detect OBRA.EXE presence?
![]( "Registry")
Registry:
![]( "Files")
Files:
Registry:- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\engodo: “%Appdata%\obra.exe”
Files:- %Appdata%\obra.exe