Threat Database Trojans Trojan.ShadowBrokers

Trojan.ShadowBrokers

By CagedTech in Trojans

Threat Scorecard

Ranking: 5,779
Threat Level: 80 % (High)
Infected Computers: 349,113
First Seen: May 1, 2017
Last Seen: July 9, 2024
OS(es) Affected: Windows

SpyHunter Detects & Remove Trojan.ShadowBrokers

File System Details

Trojan.ShadowBrokers may create the following file(s):
# File Name MD5 Detections
1. Eternalblue-2.2.0.exe 8c80dd97c37525927c1e549cb59bcbf3 49,687
2. Doublepulsar-1.3.1.exe c24315b0585b852110977dacafe6c8c1 21,138
3. libxml2.dll 9a5cec05e9c158cbc51cdc972693363d 21,124
4. posh-0.dll 2f0a52ce4f445c6e656ecebbcaceade5 21,077
5. exma-1.dll ba629216db6cf7c0c720054b0c9a13f3 20,873
6. ucl.dll 6b7276e4aa7a1e50735d2f6923b40de4 20,800
7. tibe-2.dll f0881d5a7f75389deba3eff3f4df09ac 20,726
8. tucl-1.dll 83076104ae977d850d1e015704e5730a 20,713
9. zlib1.dll e4ad4df4e41240587b4fe8bbcb32db15 17,018
10. libeay32.dll f01f09fe90d0f810c44dce4e94785227 16,932
11. ssleay32.dll 5e8ecdc3e70e2ecb0893cbda2c18906f 16,310
12. cnli-1.dll a539d27f33ef16e52430d3d2e92e9d5c 16,291
13. crli-0.dll f82fa69bfe0522163eb0cf8365497da2 16,268
14. dmgd-4.dll a05c7011ab464e6c353a057973f5a06e 15,569
15. WINSec.exe b60f2efacb26a2462b3d6e826f281ac4 27
16. 1710vps.exe 957b4fefdda7a1f41ad29413a67b76b1 0

Registry Details

Trojan.ShadowBrokers may create the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\blue.fb
%ALLUSERSPROFILE%\blue.xml
%ALLUSERSPROFILE%\star.fb
%ALLUSERSPROFILE%\star.xml
%ALLUSERSPROFILE%\temp1.exe
%ALLUSERSPROFILE%\uname
%ALLUSERSPROFILE%\upass
%WINDIR%\temp\svchost[RANDOM CHARACTERS].(exe$|xml$)

Directories

Trojan.ShadowBrokers may create the following directory or directories:

%HOMEDRIVE%\SMB445

Related Posts

Trending

Most Viewed

Loading...