Win32/Skeeyah (FakeChrome)

Forum for analysis and discussion about malware.
Post Reply
Fedor22
Posts: 56
Joined: Sun Dec 03, 2017 5:50 pm
Location: Russian Federation

Win32/Skeeyah (FakeChrome)

Post by Fedor22 » Sun Mar 04, 2018 3:44 pm

Fake Chrome (Trojan:Win32/Skeeyah.A!rfn)
Dropped in:

Code: Select all

C:\Users\*username*\AppData\Roaming\WebBrowser.exe
Changes the autorun value in:

Code: Select all

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
URL:

Code: Select all

xxxx://campinglesamis.com/wpscripts/Chrome%20Hijacker.exe
VT (55/67): https://www.virustotal.com/en/file/d569 ... /analysis/
You do not have the required permissions to view the files attached to this post.

Post Reply