Trojan.Qukart

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	10,932
Threat Level:	80 % (High)
Infected Computers:	136

First Seen:	January 10, 2013
Last Seen:	June 8, 2026
OS(es) Affected:	Windows

Table of Contents

SpyHunter Detects & Remove Trojan.Qukart

File System Details

Trojan.Qukart may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	file.exe	b310a5747442df136d1c859967581a05	0
Name: file.exe MD5: b310a5747442df136d1c859967581a05 Size: 105.47 KB (105472 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: October 24, 2017

More files

Analysis Report

General information

Family Name:	Trojan.Qukart
Signature status:	No Signature

Known Samples

MD5: 03c469d23479a11ccbd1577ca8bf3c46

SHA1: d165c7a244eee14ce62ea0bf4374901e00e4b314

SHA256: 3BD529C971EBE5B4226F6B95838CEC571CA6C4E9189581269A6F7121197E0D82

File Size: 87.55 KB, 87552 bytes

MD5: de3e35eda3b501b31d1fabe42ee56dd8

SHA1: 9a50aee8df2f03c3e229fad2231c1c043b50d008

SHA256: 0075F91E3BB410838BCF5C3344F930F9EC9FDCE16B3CC753B524B485F4024286

File Size: 57.34 KB, 57344 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have resources
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)

File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

2+ executable sections
HighEntropy
No Version Info
x86

Block Information

Total Blocks:	1
Potentially Malicious Blocks:	1
Whitelisted Blocks:	0
Unknown Blocks:	0

Visual Map

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Qukart.A
Qukart.C

Files Modified

File	Attributes
c:\windows\syswow64\agilpbdb.dll	Generic Write,Read Attributes
c:\windows\syswow64\ahdlfa32.dll	Generic Write,Read Attributes
c:\windows\syswow64\aiomaegn.dll	Generic Write,Read Attributes
c:\windows\syswow64\akehli32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\akehli32.exe	Generic Write,Read Attributes
c:\windows\syswow64\ameanden.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\ameanden.exe	Generic Write,Read Attributes
c:\windows\syswow64\apfjpobo.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\apfjpobo.exe	Generic Write,Read Attributes
c:\windows\syswow64\apgqml32.dll	Generic Write,Read Attributes

c:\windows\syswow64\aphegn32.dll	Generic Write,Read Attributes
c:\windows\syswow64\apifeo32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\apifeo32.exe	Generic Write,Read Attributes
c:\windows\syswow64\apohme32.dll	Generic Write,Read Attributes
c:\windows\syswow64\bciogj32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\bciogj32.exe	Generic Write,Read Attributes
c:\windows\syswow64\bdjike32.dll	Generic Write,Read Attributes
c:\windows\syswow64\bdlolmpb.dll	Generic Write,Read Attributes
c:\windows\syswow64\bdmlfh32.dll	Generic Write,Read Attributes
c:\windows\syswow64\bgghmh32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\bgghmh32.exe	Generic Write,Read Attributes
c:\windows\syswow64\blijpnnf.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\blijpnnf.exe	Generic Write,Read Attributes
c:\windows\syswow64\bmdbhggi.dll	Generic Write,Read Attributes
c:\windows\syswow64\bmkqcbgb.dll	Generic Write,Read Attributes
c:\windows\syswow64\bncmobin.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\bncmobin.exe	Generic Write,Read Attributes
c:\windows\syswow64\bnegbc32.dll	Generic Write,Read Attributes
c:\windows\syswow64\cddkmk32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\cddkmk32.exe	Generic Write,Read Attributes
c:\windows\syswow64\cgednf32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\cgednf32.exe	Generic Write,Read Attributes
c:\windows\syswow64\cghadffa.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\cghadffa.exe	Generic Write,Read Attributes
c:\windows\syswow64\cpgbfm32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\cpgbfm32.exe	Generic Write,Read Attributes
c:\windows\syswow64\dchdoe32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\dchdoe32.exe	Generic Write,Read Attributes
c:\windows\syswow64\ddibhj32.dll	Generic Write,Read Attributes
c:\windows\syswow64\dgnfkadb.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\dgnfkadb.exe	Generic Write,Read Attributes
c:\windows\syswow64\djhjeq32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\djhjeq32.exe	Generic Write,Read Attributes
c:\windows\syswow64\djkgkq32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\djkgkq32.exe	Generic Write,Read Attributes
c:\windows\syswow64\dmlpmlnp.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\dmlpmlnp.exe	Generic Write,Read Attributes
c:\windows\syswow64\eafpeqjp.dll	Generic Write,Read Attributes
c:\windows\syswow64\ecjadeah.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\ecjadeah.exe	Generic Write,Read Attributes
c:\windows\syswow64\egbmkh32.dll	Generic Write,Read Attributes
c:\windows\syswow64\ehagjkcl.dll	Generic Write,Read Attributes
c:\windows\syswow64\emdklk32.dll	Generic Write,Read Attributes
c:\windows\syswow64\emkihdoo.dll	Generic Write,Read Attributes
c:\windows\syswow64\eqmanfak.dll	Generic Write,Read Attributes
c:\windows\syswow64\gegngm32.dll	Generic Write,Read Attributes
c:\windows\syswow64\globll32.dll	Generic Write,Read Attributes
c:\windows\syswow64\hancdm32.dll	Generic Write,Read Attributes
c:\windows\syswow64\hgeffjhg.dll	Generic Write,Read Attributes
c:\windows\syswow64\iefgdb32.dll	Generic Write,Read Attributes
c:\windows\syswow64\jdllij32.dll	Generic Write,Read Attributes
c:\windows\syswow64\johbfmpl.dll	Generic Write,Read Attributes
c:\windows\syswow64\kfobkmkg.dll	Generic Write,Read Attributes
c:\windows\syswow64\mfmjbp32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\mfmjbp32.exe	Generic Write,Read Attributes
c:\windows\syswow64\mkfjiamc.dll	Generic Write,Read Attributes
c:\windows\syswow64\mlkojghe.dll	Generic Write,Read Attributes
c:\windows\syswow64\mmiodj32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\mmiodj32.exe	Generic Write,Read Attributes
c:\windows\syswow64\mnhabo32.dll	Generic Write,Read Attributes
c:\windows\syswow64\nfkgcnjf.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\nfkgcnjf.exe	Generic Write,Read Attributes
c:\windows\syswow64\nlnlefah.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\nlnlefah.exe	Generic Write,Read Attributes
c:\windows\syswow64\nlqikf32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\nlqikf32.exe	Generic Write,Read Attributes
c:\windows\syswow64\npoaadel.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\npoaadel.exe	Generic Write,Read Attributes
c:\windows\syswow64\obddnonh.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\obddnonh.exe	Generic Write,Read Attributes
c:\windows\syswow64\obfacole.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\obfacole.exe	Generic Write,Read Attributes
c:\windows\syswow64\ofdijmbl.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\ofdijmbl.exe	Generic Write,Read Attributes
c:\windows\syswow64\offfompi.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\offfompi.exe	Generic Write,Read Attributes
c:\windows\syswow64\ofgdnmaj.dll	Generic Write,Read Attributes
c:\windows\syswow64\ofmcinhc.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\ofmcinhc.exe	Generic Write,Read Attributes
c:\windows\syswow64\ogaaggoi.dll	Generic Write,Read Attributes
c:\windows\syswow64\olojli32.dll	Generic Write,Read Attributes
c:\windows\syswow64\omklob32.dll	Generic Write,Read Attributes
c:\windows\syswow64\pdiaioim.dll	Generic Write,Read Attributes
c:\windows\syswow64\pficel32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\pficel32.exe	Generic Write,Read Attributes
c:\windows\syswow64\pfkpjl32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\pfkpjl32.exe	Generic Write,Read Attributes
c:\windows\syswow64\plmanbff.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\plmanbff.exe	Generic Write,Read Attributes
c:\windows\syswow64\pmgdmf32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\pmgdmf32.exe	Generic Write,Read Attributes
c:\windows\syswow64\qbkceljm.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\qbkceljm.exe	Generic Write,Read Attributes
c:\windows\syswow64\qloncb32.exe	Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete,LEFT 262144
c:\windows\syswow64\qloncb32.exe	Generic Write,Read Attributes

Registry Modifications

Key::Value	Data	API Name
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Ahdlfa32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::threadingmodel	Apartment	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\windows\currentversion\shellserviceobjectdelayload::web event logger	{79FEACFF-FFCE-815E-A900-316290B5B738}	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Ddibhj32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Hancdm32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bdmlfh32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Aphegn32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Emkihdoo.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Eqmanfak.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Iefgdb32.dll	RegNtPreCreateKey

HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Mkfjiamc.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bmdbhggi.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Globll32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Aiomaegn.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Egbmkh32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Emdklk32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Apohme32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Kfobkmkg.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bmkqcbgb.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Olojli32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Mnhabo32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Ehagjkcl.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Johbfmpl.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bnegbc32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Agilpbdb.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bdjike32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Bdlolmpb.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Ogaaggoi.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Ofgdnmaj.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Jdllij32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Omklob32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Gegngm32.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Pdiaioim.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Hgeffjhg.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Eafpeqjp.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Mlkojghe.dll	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{79feacff-ffce-815e-a900-316290b5b738}\inprocserver32::	C:\WINDOWS\SysWow64\Apgqml32.dll	RegNtPreCreateKey

Windows API Usage

Category	API
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	WinExec

Shell Command Execution


							C:\WINDOWS\system32\Dgnfkadb.exe

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Qukart

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan.Qukart

File System Details

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

Adware.FreeWorkz

Lantixprostream.co.in

Tradersuper5.xyz

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen