TROJ_MONDER.RON

By Domesticus in Trojans

Translate To:

TROJ_MONDER.RON is a Trojan that can be unknowingly downloaded from malicious websites. Once TROJ_MONDER.RON has infiltrated a system it will create a start-up registry entry and connect to a remote server to download malicious files. TROJ_MONDER.RON uses search engine optimization (SEO) poisoning techniques that can trick users into unknowingly downloading a rogue Adobe Flash Player application which is the malware itself.

File System Details

TROJ_MONDER.RON may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Windows%\cwohia.exe
Name: %Windows%\cwohia.exe Type: Executable File
2.	%System%\sshnas21.dll
Name: %System%\sshnas21.dll Type: Dynamic link library
3.	{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
Name: {8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
4.	{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
Name: {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

Registry Details

TROJ_MONDER.RON may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\SOFTWARE\XML

JDK55WFMZY = "%User Temp%\cdx.exe"

HKEY_CURRENT_USER\Software\W34BCG2GRJ

Windows\CurrentVersion\Run

HKEY_CURRENT_USER\Software\JDK55WFMZY

HKEY_CURRENT_USER\Software\Microsoft\

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

TROJ_MONDER.RON

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen