Trojan.ShadowBrokers Removal Report

Table of Contents

SpyHunter Detects & Remove Trojan.ShadowBrokers

File System Details

Trojan.ShadowBrokers may create the following file(s):

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	Eternalblue-2.2.0.exe	8c80dd97c37525927c1e549cb59bcbf3	49,662
Name: Eternalblue-2.2.0.exe MD5: 8c80dd97c37525927c1e549cb59bcbf3 Size: 129.02 KB (129024 bytes) Detections: 49,662 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\Eternalblue-2.2.0.exe Group: Malware file Last Updated: April 25, 2024
2.	Doublepulsar-1.3.1.exe	c24315b0585b852110977dacafe6c8c1	21,109
Name: Doublepulsar-1.3.1.exe MD5: c24315b0585b852110977dacafe6c8c1 Size: 45.56 KB (45568 bytes) Detections: 21,109 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\Doublepulsar-1.3.1.exe Group: Malware file Last Updated: April 25, 2024
3.	libxml2.dll	9a5cec05e9c158cbc51cdc972693363d	21,094
Name: libxml2.dll MD5: 9a5cec05e9c158cbc51cdc972693363d Size: 826.36 KB (826368 bytes) Detections: 21,094 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\libxml2.dll Group: Malware file Last Updated: April 25, 2024
4.	posh-0.dll	2f0a52ce4f445c6e656ecebbcaceade5	21,050
Name: posh-0.dll MD5: 2f0a52ce4f445c6e656ecebbcaceade5 Size: 11.26 KB (11264 bytes) Detections: 21,050 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\posh-0.dll Group: Malware file Last Updated: April 25, 2024
5.	exma-1.dll	ba629216db6cf7c0c720054b0c9a13f3	20,844
Name: exma-1.dll MD5: ba629216db6cf7c0c720054b0c9a13f3 Size: 10.24 KB (10240 bytes) Detections: 20,844 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\exma-1.dll Group: Malware file Last Updated: April 25, 2024
6.	ucl.dll	6b7276e4aa7a1e50735d2f6923b40de4	20,770
Name: ucl.dll MD5: 6b7276e4aa7a1e50735d2f6923b40de4 Size: 58.36 KB (58368 bytes) Detections: 20,770 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\ucl.dll Group: Malware file Last Updated: April 25, 2024
7.	tibe-2.dll	f0881d5a7f75389deba3eff3f4df09ac	20,699
Name: tibe-2.dll MD5: f0881d5a7f75389deba3eff3f4df09ac Size: 237.56 KB (237568 bytes) Detections: 20,699 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\tibe-2.dll Group: Malware file Last Updated: April 25, 2024
8.	tucl-1.dll	83076104ae977d850d1e015704e5730a	20,686
Name: tucl-1.dll MD5: 83076104ae977d850d1e015704e5730a Size: 9.21 KB (9216 bytes) Detections: 20,686 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\tucl-1.dll Group: Malware file Last Updated: April 25, 2024
9.	zlib1.dll	e4ad4df4e41240587b4fe8bbcb32db15	16,987
Name: zlib1.dll MD5: e4ad4df4e41240587b4fe8bbcb32db15 Size: 60.41 KB (60416 bytes) Detections: 16,987 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\zlib1.dll Group: Malware file Last Updated: April 25, 2024
10.	libeay32.dll	f01f09fe90d0f810c44dce4e94785227	16,902
Name: libeay32.dll MD5: f01f09fe90d0f810c44dce4e94785227 Size: 903.16 KB (903168 bytes) Detections: 16,902 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\libeay32.dll Group: Malware file Last Updated: April 25, 2024
11.	ssleay32.dll	5e8ecdc3e70e2ecb0893cbda2c18906f	16,283
Name: ssleay32.dll MD5: 5e8ecdc3e70e2ecb0893cbda2c18906f Size: 184.32 KB (184320 bytes) Detections: 16,283 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\ssleay32.dll Group: Malware file Last Updated: April 25, 2024
12.	cnli-1.dll	a539d27f33ef16e52430d3d2e92e9d5c	16,265
Name: cnli-1.dll MD5: a539d27f33ef16e52430d3d2e92e9d5c Size: 100.86 KB (100864 bytes) Detections: 16,265 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\cnli-1.dll Group: Malware file Last Updated: April 25, 2024
13.	crli-0.dll	f82fa69bfe0522163eb0cf8365497da2	16,239
Name: crli-0.dll MD5: f82fa69bfe0522163eb0cf8365497da2 Size: 17.4 KB (17408 bytes) Detections: 16,239 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\crli-0.dll Group: Malware file Last Updated: April 25, 2024
14.	dmgd-4.dll	a05c7011ab464e6c353a057973f5a06e	15,541
Name: dmgd-4.dll MD5: a05c7011ab464e6c353a057973f5a06e Size: 479.74 KB (479744 bytes) Detections: 15,541 Type: Dynamic link library Path: %SYSTEMDRIVE%\Users\<username>\Desktop\d081b8737831f51655eb888511f268dc543cf590aa892927cd21c27bfe1b8787\dmgd-4.dll Group: Malware file Last Updated: April 25, 2024
15.	WINSec.exe	b60f2efacb26a2462b3d6e826f281ac4	27
Name: WINSec.exe MD5: b60f2efacb26a2462b3d6e826f281ac4 Size: 1.23 MB (1233408 bytes) Detections: 27 Type: Executable File Path: C:\Windows\security\WINSec.exe Group: Malware file Last Updated: August 31, 2023
16.	1710vps.exe	957b4fefdda7a1f41ad29413a67b76b1	0
Name: 1710vps.exe MD5: 957b4fefdda7a1f41ad29413a67b76b1 Size: 3.25 MB (3258468 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: May 1, 2017

Registry Details

Trojan.ShadowBrokers may create the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\blue.fb

%ALLUSERSPROFILE%\blue.xml

%ALLUSERSPROFILE%\star.fb

%ALLUSERSPROFILE%\star.xml

%ALLUSERSPROFILE%\temp1.exe

%ALLUSERSPROFILE%\uname

%ALLUSERSPROFILE%\upass

%WINDIR%\temp\svchost[RANDOM CHARACTERS].(exe$|xml$)

Directories

Trojan.ShadowBrokers may create the following directory or directories:

%HOMEDRIVE%\SMB445

Ranking:	4,764
Threat Level:	80 % (High)
Infected Computers:	348,634

EnigmaSoft's SpyHunter Scores 100% with AV-TEST in 2024

Search

Change Region

Trojan.ShadowBrokers

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan.ShadowBrokers

File System Details

Registry Details

Directories

Submit Comment

Related Posts

Trojan.ShadowBrokers.A

Trending

Baseauthenticity.co.in

PDFSpark

XploitSpy Mobile Malware

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?

First Seen:	May 1, 2017
Last Seen:	April 25, 2024
OS(es) Affected:	Windows