Win32.HLLM.Limar.4359
Added to the Dr.Web virus database:
2012-10-08
Virus description added:
2012-10-17
Technical Information
Malicious functions:
Creates and executes the following:
- %TEMP%\cachedump.exe -s
- %TEMP%\cachedump.exe
- %TEMP%\pwdump.exe
Modifies file system :
Creates the following files:
- %TEMP%\pstgdump.exe
- %TEMP%\cachedump.exe
- <Current directory>\127.0.0.1.cachedump
- \Device\LanmanRedirector\127.0.0.1\PIPE\winreg
- %TEMP%\fgexec.exe
- %TEMP%\pwdump.exe
- \Device\LanmanRedirector\127.0.0.1\pipe\svcctl
- %TEMP%\lstarget.dll
- %TEMP%\imokav.exe
Deletes the following files:
- %TEMP%\lstarget.dll
- %TEMP%\imokav.exe
- %TEMP%\pwdump.exe
- %TEMP%\pstgdump.exe
- %TEMP%\cachedump.exe
- %TEMP%\fgexec.exe
欢迎下载
Dr.Web for Android
-
免费3个月
-
可使用所有保护组件
-
可在AppGallery/Google Pay延期
继续使用此网站意味着您同意我们使用Cookie文件和其他用于收集网站访问统计信息的技术手段。详细信息