Win64/Sathurbot.A

By GoldSparrow in Trojans

Threat Scorecard

Threat Level:	80 % (High)
Infected Computers:	3,438

First Seen:	August 28, 2014
Last Seen:	May 9, 2025
OS(es) Affected:	Windows

Win64/Sathurbot.A is a dangerous Trojan horse threat that may be loaded from malicious sources on the internet without permission from the computer user or alerting them to infection. The Win64/Sathurbot.A threat may allow remote connections from hackers where data stored on the infected computer could be stolen. The Win64/Sathurbot.A infection could then run in the background undetected. Removal of Win64/Sathurbot.A may warrant use of an antispyware tool capable of removing Trojan horses from Windows PCs. When removed, Win64/Sathurbot.A will no longer be able to allow remote connects where data stored on the hard drive is at risk of being stolen. In such a case, Win64/Sathurbot.A could lead to identity theft of other serious issues.

Table of Contents

SpyHunter Detects & Remove Win64/Sathurbot.A

File System Details

Win64/Sathurbot.A may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	tmpF45C.exe	737456de3bd854e06a3c3cb7da3e2e21	55
Name: tmpF45C.exe MD5: 737456de3bd854e06a3c3cb7da3e2e21 Size: 146.99 KB (146998 bytes) Detections: 55 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: May 9, 2025
2.	tmp2560.exe	67034cf89085f5aa9dec4ea43f19046f	35
Name: tmp2560.exe MD5: 67034cf89085f5aa9dec4ea43f19046f Size: 117.56 KB (117561 bytes) Detections: 35 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
3.	tmp42BA.exe	6312e5384fd9efbf8b7f169584a849e0	31
Name: tmp42BA.exe MD5: 6312e5384fd9efbf8b7f169584a849e0 Size: 153.89 KB (153896 bytes) Detections: 31 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
4.	tmp6E06.exe	55a123d069b195208411e64897af0b5b	31
Name: tmp6E06.exe MD5: 55a123d069b195208411e64897af0b5b Size: 162.36 KB (162369 bytes) Detections: 31 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
5.	tmp56AB.exe	e9f9d813cefd9815a833179a21ef6074	30
Name: tmp56AB.exe MD5: e9f9d813cefd9815a833179a21ef6074 Size: 121.34 KB (121344 bytes) Detections: 30 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
6.	tmpA10B.exe	dfb64c158b59d0d1a7dabd5576191c9e	23
Name: tmpA10B.exe MD5: dfb64c158b59d0d1a7dabd5576191c9e Size: 133.17 KB (133172 bytes) Detections: 23 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
7.	tmpD69F.exe	e38cefcaf463c6d2186118c87b144a44	23
Name: tmpD69F.exe MD5: e38cefcaf463c6d2186118c87b144a44 Size: 127.23 KB (127234 bytes) Detections: 23 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: June 7, 2020
8.	tmpAB40.exe	b2ab8483df8c50ce52a54e80d1161033	21
Name: tmpAB40.exe MD5: b2ab8483df8c50ce52a54e80d1161033 Size: 174.63 KB (174633 bytes) Detections: 21 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
9.	tmpFDBD.exe	947850ea31b0746472d8f426139649dc	19
Name: tmpFDBD.exe MD5: 947850ea31b0746472d8f426139649dc Size: 160.51 KB (160518 bytes) Detections: 19 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
10.	tmp7EBD.exe	7c18bc310ff85465400e2b9b0d2b1280	19
Name: tmp7EBD.exe MD5: 7c18bc310ff85465400e2b9b0d2b1280 Size: 117.56 KB (117561 bytes) Detections: 19 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
11.	tmp569D.exe	44ca739c373592ba6a196008024cb779	18
Name: tmp569D.exe MD5: 44ca739c373592ba6a196008024cb779 Size: 157.38 KB (157388 bytes) Detections: 18 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
12.	tmpF9F4.exe	6658bc1fb00fac2229955523f0f58400	17
Name: tmpF9F4.exe MD5: 6658bc1fb00fac2229955523f0f58400 Size: 183.34 KB (183346 bytes) Detections: 17 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: May 8, 2020
13.	PerformanceMonitor.dll	555628cc5f5dac4b37fd1a87527b24c6	17
Name: PerformanceMonitor.dll MD5: 555628cc5f5dac4b37fd1a87527b24c6 Size: 4.85 MB (4851200 bytes) Detections: 17 Type: Dynamic link library Path: C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll Group: Malware file Last Updated: April 5, 2021
14.	tmp6C20.exe	03871146d11281fb31599a47f4d26180	17
Name: tmp6C20.exe MD5: 03871146d11281fb31599a47f4d26180 Size: 110.96 KB (110960 bytes) Detections: 17 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
15.	tmp98A6.exe	8538a07d319ab60b4dc3a744a80d46ee	16
Name: tmp98A6.exe MD5: 8538a07d319ab60b4dc3a744a80d46ee Size: 167.93 KB (167936 bytes) Detections: 16 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
16.	tmp2E02.exe	6c3d813dc9359a07a3e1cb1a7aa5017e	16
Name: tmp2E02.exe MD5: 6c3d813dc9359a07a3e1cb1a7aa5017e Size: 163.84 KB (163840 bytes) Detections: 16 Type: Executable File Path: %LOCALAPPDATA%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
17.	tmp6806.exe	d393ccbb465f85673cd25bee9bdfa5b0	16
Name: tmp6806.exe MD5: d393ccbb465f85673cd25bee9bdfa5b0 Size: 136.41 KB (136418 bytes) Detections: 16 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
18.	tmpFE80.exe	8e04a81b7d2564131d95b3fddfa67666	15
Name: tmpFE80.exe MD5: 8e04a81b7d2564131d95b3fddfa67666 Size: 165.88 KB (165887 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
19.	tmp869E.exe	1e710904d65e5f037eb504ae75133f36	15
Name: tmp869E.exe MD5: 1e710904d65e5f037eb504ae75133f36 Size: 150.58 KB (150587 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
20.	tmpB546.exe	5f8ddf99f1438b6138b5c4f2e0245ce8	15
Name: tmpB546.exe MD5: 5f8ddf99f1438b6138b5c4f2e0245ce8 Size: 334.84 KB (334848 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
21.	tmp4EDC.exe	baca6c3316a4a83c5c3e0c021a899441	15
Name: tmp4EDC.exe MD5: baca6c3316a4a83c5c3e0c021a899441 Size: 335.36 KB (335360 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
22.	tmp1938.exe	63a45cd50a19520fbce8ba0057d489eb	15
Name: tmp1938.exe MD5: 63a45cd50a19520fbce8ba0057d489eb Size: 117.56 KB (117561 bytes) Detections: 15 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
23.	tmp74F.exe	6b4943b8654562d7cc816b8659955090	14
Name: tmp74F.exe MD5: 6b4943b8654562d7cc816b8659955090 Size: 117.56 KB (117561 bytes) Detections: 14 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\TheftProtection\temp Group: Malware file Last Updated: March 18, 2017
24.	tmp4430.exe	68c25c12336f747848d08b5fc8022987	13
Name: tmp4430.exe MD5: 68c25c12336f747848d08b5fc8022987 Size: 168.94 KB (168942 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
25.	tmp6114.exe	5ad5e4365c8c56850925517e0cd5c028	13
Name: tmp6114.exe MD5: 5ad5e4365c8c56850925517e0cd5c028 Size: 128.48 KB (128486 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
26.	tmp3B13.exe	5c71561673cf37415ff06c5b478f1b70	13
Name: tmp3B13.exe MD5: 5c71561673cf37415ff06c5b478f1b70 Size: 117.56 KB (117561 bytes) Detections: 13 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
27.	tmpBDD7.exe	ac21a20f463549e1371ff78019426b07	12
Name: tmpBDD7.exe MD5: ac21a20f463549e1371ff78019426b07 Size: 238.3 KB (238309 bytes) Detections: 12 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
28.	tmp99FE.exe	c7b072b41d564f8f4938869e852de9aa	12
Name: tmp99FE.exe MD5: c7b072b41d564f8f4938869e852de9aa Size: 117.56 KB (117561 bytes) Detections: 12 Type: Executable File Path: %ALLUSERSPROFILE%\Microsoft\Performance\Monitor\temp Group: Malware file Last Updated: March 18, 2017
29.	%UserProfile%\Programs\ AppData \[Random Charateristc].exe
Name: %UserProfile%\Programs\ AppData \[Random Charateristc].exe Type: Executable File Group: Malware file
30.	%UserProfile%\Programs\Temp\[Random Charateristc].dll
Name: %UserProfile%\Programs\Temp\[Random Charateristc].dll Type: Dynamic link library Group: Malware file
31.	%UserProfile%\Programs\ AppData\roaming\[Random Charateristc].dll
Name: %UserProfile%\Programs\ AppData\roaming\[Random Charateristc].dll Type: Dynamic link library Group: Malware file

More files

Registry Details

Win64/Sathurbot.A may create the following registry entry or registry entries:

Regexp file mask

%ALLUSERSPROFILE%\Microsoft\Performance\Monitor\SecurityHelper.dll

%ALLUSERSPROFILE%\Microsoft\Security\Client\SecurityHelper.dll

%PUBLIC%\Documents\Microsoft\Assistance\Tools\TPAutoConnect32.exe

HKEY..\..\{Value}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run""= "%AppData%\.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run""= "%AppData%\.exe"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes"=".random”

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Win64/Sathurbot.A

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Win64/Sathurbot.A

File System Details

Registry Details

Submit Comment

Trending

AAVE Airdrop Scam

Webheroes.store

DOGE Compensation To Fraud Victims Worldwide Email Scam

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Is Stuck on Gray Screen

Discord Shows Black Screen when Sharing Screen