Dont know what this exe does

Ask your beginner questions here.
Post Reply
johnmalfoy112
Posts: 3
Joined: Fri Jul 17, 2015 7:51 am

Dont know what this exe does

Post by johnmalfoy112 » Thu May 03, 2018 11:26 am

can anybody tell what this exe is doing.
jkj.zip
You do not have the required permissions to view the files attached to this post.

User avatar
EP_X0FF
Global Moderator
Posts: 4806
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Dont know what this exe does

Post by EP_X0FF » Sat May 05, 2018 5:03 am

It is trojan downloader.

Obfuscated strings from inside.

Code: Select all

"Software\\Microsoft"
"\\Windows\\Currentversion\\Run"
"Taskhst"
"Environment"
"Cq"
"cmd /c start %Cq% "
"&& exit"
"ntuser"
"toolsd.exe"
"aday.primeservices.mobi"
"/IXR/goprim.php"
"Connection: keep-alive"
"Content-type: application/x-www-form-urlencoded"
Ring0 - the source of inspiration

Post Reply