W32/VB.AGWW!tr.dldr is also known as TR/VB.Downloader.Gen, Artemis!388EF8417413, Trojan.Gen.
Malware Analysis of W32/VB.AGWW!tr.dldr – IL56NSE.EXE
Created files:
%WinDir%\il56nse.exe
%WinDir%\il56nse.ini
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe”
Detected by UnHackMe:
IL56NSE.EXE
Default location: %WinDir%\IL56NSE.EXE
Dropper hash (MD5): 388ef8417413feef5fb4175647ef82b6