PE:Trojan.Win32.Generic.16F8BCB2!385399986 also known as Win32/TrojanDownloader.Agent.AQP, TROJ_SPNR.09GH14, Trojan-Downloader.Win32.Doldow.
Malware Analysis of PE:Trojan.Win32.Generic.16F8BCB2!385399986 – PMROJECT1.EXE
Created files:
%Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal
%Local Appdata%\Google\Chrome\User Data\lockfile
%Program Files%\FlashSockv01\Pmroject1.exe
Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe”
Detected by UnHackMe:
PMROJECT1.EXE
Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE
Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22