Trojan.Win32.Fusing.bCF also known as Trojan.GenericKD.1761213, Trojan.Win32.Staser.dbbxcv, Trojan.GenericKD.1761213.
Malware Analysis of Trojan.Win32.Fusing.bCF – USYBTND.EXE
Created files:
%Program Files%\Windows NT\Usybtnd.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe”
HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc”
Detected by UnHackMe:
USYBTND.EXE
Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE
Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628