Backdoor.Qakbot

Aliases: Trj/OCJ.D [Panda], Generic32.BQVT [AVG], Trojan/Win32.Pincav [AhnLab-V3], TR/Pincav.cmzp [AntiVir], Trojan.Win32.Qakbot.aa (v), Trojan.Win32.Pincav.cmzp.AMN (A), Trojan.Win32.Pincav.cmzp [Kaspersky], TROJ_SPNR.14DK13, Kryptik.BVRT, Trojan.Agent.ED, RDN/Generic.dx!bhv [McAfee], Trojan.GenericKDV.947831, Trj/Genetic.gen [Panda], BackDoor.Generic17.APH [AVG] and W32/QBot.AB!tr.bdr [Fortinet].

Technical Information

File System Details

Backdoor.Qakbot creates the following file(s):
# File Name Size MD5 Detection Count
1 %APPDATA%\Microsoft\Ubvnl\ubvnl.exe 189,392 c012c8c02f757ef14aaf3a36e279ad5f 11
2 %APPDATA%\Microsoft\Ywukrwpx\ywukrwpx.exe 277,504 48e69094e690f90c3283220b2335420a 7
3 %APPDATA%\Microsoft\Elpxg\elpxg.exe 208,704 2c6a2ce8ab9e260c85ee9c243b2b6fa0 7
4 %APPDATA%\Microsoft\Huatrn\huatrn.exe 271,872 d94c26e7cf265f368825856f979d55c2 4
5 %APPDATA%\Microsoft\Vxioywgo\vxioywgo.exe 258,048 9cd50b46b9bb6d1730289638ce6b5a91 2
6 %APPDATA%\Microsoft\Txrpt\txrpt.exe 259,072 67df2dc90d294012434ada95710d1aa1 2
7 %SystemDrive%\Documents and Settings\netuser\Application Data\Microsoft\Syjyaing\syjyaing.exe 262,144 255cfd641a1ed38fdf7c813becff047e 2
8 %APPDATA%\Microsoft\Zabeqpr\zabeqpr.exe 262,144 8d8b9f81edefb6658437e079ba542fd8 2
9 %APPDATA%\Microsoft\Oaknmaz\oaknmaz.exe 262,144 0fd17d72a3c1574cbc3029e615c691f6 2
10 %APPDATA%\Microsoft\Tukvmy\tukvmy.exe 266,240 2336b40a3038a2012d6f7e1d239c4926 2
11 %ALLUSERSPROFILE%\application data\microsoft\kyexkir\kyexkir.exe 382,976 d8e32bc498987650c9be435f9e14522a 1
12 c:\users\user\appdata\roaming\microsoft\aynhwqvy\aynhwqvy.exe 237,568 c80f0ebb89a42b9903ecf1382367ebbe 1

Related Posts

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.