Trojan.Comitsproc.AA3 also known as Trojan.Win32.VB, Trojan.Generic.5867893, Trojan.Generic.5867893.
Malware Analysis of Trojan.Comitsproc.AA3 – IL56NSE.EXE
Created files:
%WinDir%\il56nse.exe
%WinDir%\il56nse.ini
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe”
Detected by UnHackMe:
IL56NSE.EXE
Default location: %WinDir%\IL56NSE.EXE
Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6