Win64/Sathurbot.A

By GoldSparrow in Trojans

Threat Scorecard

Ranking:	11,410
Threat Level:	80 % (High)
Infected Computers:	3,432

First Seen:	August 28, 2014
Last Seen:	August 11, 2023
OS(es) Affected:	Windows

Win64/Sathurbot.A is a dangerous Trojan horse threat that may be loaded from malicious sources on the internet without permission from the computer user or alerting them to infection. The Win64/Sathurbot.A threat may allow remote connections from hackers where data stored on the infected computer could be stolen. The Win64/Sathurbot.A infection could then run in the background undetected. Removal of Win64/Sathurbot.A may warrant use of an antispyware tool capable of removing Trojan horses from Windows PCs. When removed, Win64/Sathurbot.A will no longer be able to allow remote connects where data stored on the hard drive is at risk of being stolen. In such a case, Win64/Sathurbot.A could lead to identity theft of other serious issues.

Table of Contents

SpyHunter Detects & Remove Win64/Sathurbot.A

File System Details

Win64/Sathurbot.A may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	tmp2560.exe	67034cf89085f5aa9dec4ea43f19046f	35
Name: tmp2560.exe MD5: 67034cf89085f5aa9dec4ea43f19046f Size: 117.56 KB (117561 bytes) Detections: 35 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
2.	tmp6E06.exe	55a123d069b195208411e64897af0b5b	31
Name: tmp6E06.exe MD5: 55a123d069b195208411e64897af0b5b Size: 162.36 KB (162369 bytes) Detections: 31 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
3.	tmp56AB.exe	e9f9d813cefd9815a833179a21ef6074	30
Name: tmp56AB.exe MD5: e9f9d813cefd9815a833179a21ef6074 Size: 121.34 KB (121344 bytes) Detections: 30 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
4.	tmpA10B.exe	dfb64c158b59d0d1a7dabd5576191c9e	23
Name: tmpA10B.exe MD5: dfb64c158b59d0d1a7dabd5576191c9e Size: 133.17 KB (133172 bytes) Detections: 23 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
5.	tmpD69F.exe	e38cefcaf463c6d2186118c87b144a44	23
Name: tmpD69F.exe MD5: e38cefcaf463c6d2186118c87b144a44 Size: 127.23 KB (127234 bytes) Detections: 23 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: June 7, 2020
6.	tmpAB40.exe	b2ab8483df8c50ce52a54e80d1161033	21
Name: tmpAB40.exe MD5: b2ab8483df8c50ce52a54e80d1161033 Size: 174.63 KB (174633 bytes) Detections: 21 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
7.	tmpFDBD.exe	947850ea31b0746472d8f426139649dc	19
Name: tmpFDBD.exe MD5: 947850ea31b0746472d8f426139649dc Size: 160.51 KB (160518 bytes) Detections: 19 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
8.	tmp7EBD.exe	7c18bc310ff85465400e2b9b0d2b1280	19
Name: tmp7EBD.exe MD5: 7c18bc310ff85465400e2b9b0d2b1280 Size: 117.56 KB (117561 bytes) Detections: 19 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
9.	tmp569D.exe	44ca739c373592ba6a196008024cb779	18
Name: tmp569D.exe MD5: 44ca739c373592ba6a196008024cb779 Size: 157.38 KB (157388 bytes) Detections: 18 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
10.	tmpF9F4.exe	6658bc1fb00fac2229955523f0f58400	17
Name: tmpF9F4.exe MD5: 6658bc1fb00fac2229955523f0f58400 Size: 183.34 KB (183346 bytes) Detections: 17 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: May 8, 2020
11.	PerformanceMonitor.dll	555628cc5f5dac4b37fd1a87527b24c6	17
Name: PerformanceMonitor.dll MD5: 555628cc5f5dac4b37fd1a87527b24c6 Size: 4.85 MB (4851200 bytes) Detections: 17 Type: Dynamic link library Path: C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll Group: Malware file Last Updated: April 5, 2021
12.	tmp6C20.exe	03871146d11281fb31599a47f4d26180	17
Name: tmp6C20.exe MD5: 03871146d11281fb31599a47f4d26180 Size: 110.96 KB (110960 bytes) Detections: 17 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
13.	tmp6806.exe	d393ccbb465f85673cd25bee9bdfa5b0	16
Name: tmp6806.exe MD5: d393ccbb465f85673cd25bee9bdfa5b0 Size: 136.41 KB (136418 bytes) Detections: 16 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
14.	PerformanceMonitor.dll	1d8ae7e0cc2d42a3fa4cfda7b542028b	16
Name: PerformanceMonitor.dll MD5: 1d8ae7e0cc2d42a3fa4cfda7b542028b Size: 4.89 MB (4891648 bytes) Detections: 16 Type: Dynamic link library Path: C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll Group: Malware file Last Updated: April 7, 2021
15.	tmpFE80.exe	8e04a81b7d2564131d95b3fddfa67666	15
Name: tmpFE80.exe MD5: 8e04a81b7d2564131d95b3fddfa67666 Size: 165.88 KB (165887 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
16.	tmp869E.exe	1e710904d65e5f037eb504ae75133f36	15
Name: tmp869E.exe MD5: 1e710904d65e5f037eb504ae75133f36 Size: 150.58 KB (150587 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
17.	tmpB546.exe	5f8ddf99f1438b6138b5c4f2e0245ce8	15
Name: tmpB546.exe MD5: 5f8ddf99f1438b6138b5c4f2e0245ce8 Size: 334.84 KB (334848 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
18.	tmp4EDC.exe	baca6c3316a4a83c5c3e0c021a899441	15
Name: tmp4EDC.exe MD5: baca6c3316a4a83c5c3e0c021a899441 Size: 335.36 KB (335360 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
19.	PerformanceMonitor.dll	4c9a3490caa3da083aee06929907b81e	15
Name: PerformanceMonitor.dll MD5: 4c9a3490caa3da083aee06929907b81e Size: 4.85 MB (4859904 bytes) Detections: 15 Type: Dynamic link library Path: %LOCALAPPDATA%\Microsoft\Performance\Monitor Group: Malware file Last Updated: March 18, 2017
20.	tmp1938.exe	63a45cd50a19520fbce8ba0057d489eb	15
Name: tmp1938.exe MD5: 63a45cd50a19520fbce8ba0057d489eb Size: 117.56 KB (117561 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
21.	tmp74F.exe	6b4943b8654562d7cc816b8659955090	14
Name: tmp74F.exe MD5: 6b4943b8654562d7cc816b8659955090 Size: 117.56 KB (117561 bytes) Detections: 14 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\TheftProtection\temp Group: Malware file Last Updated: March 18, 2017
22.	tmp4430.exe	68c25c12336f747848d08b5fc8022987	13
Name: tmp4430.exe MD5: 68c25c12336f747848d08b5fc8022987 Size: 168.94 KB (168942 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
23.	tmp6114.exe	5ad5e4365c8c56850925517e0cd5c028	13
Name: tmp6114.exe MD5: 5ad5e4365c8c56850925517e0cd5c028 Size: 128.48 KB (128486 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
24.	tmp3B13.exe	5c71561673cf37415ff06c5b478f1b70	13
Name: tmp3B13.exe MD5: 5c71561673cf37415ff06c5b478f1b70 Size: 117.56 KB (117561 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
25.	tmpBDD7.exe	ac21a20f463549e1371ff78019426b07	12
Name: tmpBDD7.exe MD5: ac21a20f463549e1371ff78019426b07 Size: 238.3 KB (238309 bytes) Detections: 12 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
26.	PerformanceMonitor.dll	dda59260d82030b93c5e1bb2f210e827	12
Name: PerformanceMonitor.dll MD5: dda59260d82030b93c5e1bb2f210e827 Size: 4.01 MB (4012544 bytes) Detections: 12 Type: Dynamic link library Path: %LOCALAPPDATA%\Microsoft\Performance\Monitor Group: Malware file Last Updated: March 18, 2017
27.	PerformanceMonitor.dll	baf7226787d374f300dfdda3307b8553	12
Name: PerformanceMonitor.dll MD5: baf7226787d374f300dfdda3307b8553 Size: 4.04 MB (4046336 bytes) Detections: 12 Type: Dynamic link library Path: %LOCALAPPDATA%\Microsoft\Performance\Monitor Group: Malware file Last Updated: March 18, 2017
28.	tmp99FE.exe	c7b072b41d564f8f4938869e852de9aa	12
Name: tmp99FE.exe MD5: c7b072b41d564f8f4938869e852de9aa Size: 117.56 KB (117561 bytes) Detections: 12 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
29.	%UserProfile%\Programs\ AppData \[Random Charateristc].exe
Name: %UserProfile%\Programs\ AppData \[Random Charateristc].exe Type: Executable File Group: Malware file
30.	%UserProfile%\Programs\Temp\[Random Charateristc].dll
Name: %UserProfile%\Programs\Temp\[Random Charateristc].dll Type: Dynamic link library Group: Malware file
31.	%UserProfile%\Programs\ AppData\roaming\[Random Charateristc].dll
Name: %UserProfile%\Programs\ AppData\roaming\[Random Charateristc].dll Type: Dynamic link library Group: Malware file

More files

Registry Details

Win64/Sathurbot.A may create the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Microsoft\Performance\Monitor\SecurityHelper.dll

%ALLUSERSPROFILE%\Microsoft\Security\Client\SecurityHelper.dll

%PUBLIC%\Documents\Microsoft\Assistance\Tools\TPAutoConnect32.exe

HKEY..\..\{Value}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run""= "%AppData%\.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run""= "%AppData%\.exe"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes"=".random”

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Win64/Sathurbot.A

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Win64/Sathurbot.A

File System Details

Registry Details

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen