Trojan.GenericKD.1761213 (B) also known as Agent4.BXJG, Trojan.GenericKD.1761213, Trojan.Staser!.
Malware Analysis of Trojan.GenericKD.1761213 (B) – USYBTND.EXE
Created files:
%Program Files%\Windows NT\Usybtnd.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe”
HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc”
Detected by UnHackMe:
USYBTND.EXE
Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE
Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628