Cerber Ransomware Files - SpywareRemove.com

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{55B72E38-19F0-0122-695E-47D7AADFDEDC}\logman.exe

File name: logman.exe
Size: 233.6 KB (233605 bytes)
MD5: 3f6b7343a396aaabda7cefcf13082d26
Detection count: 16,739
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{55B72E38-19F0-0122-695E-47D7AADFDEDC}
Group: Malware file
Last Updated: August 20, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{BC938CB2-9C1B-4D74-24DE-2E5EC4C86636}\dcomcnfg.exe

File name: dcomcnfg.exe
Size: 727.84 KB (727846 bytes)
MD5: dc68c7b1c3042dd4d40ee946dee1981a
Detection count: 9,837
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{BC938CB2-9C1B-4D74-24DE-2E5EC4C86636}
Group: Malware file
Last Updated: November 17, 2016

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 246B (246 bytes)
MD5: d3e80e1e6dffc81a2e72c05c9b482fc6
Detection count: 5,790
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: July 26, 2023

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{D356F669-87E8-7418-7B35-4816AA44C40C}\LocationNotifications.exe

File name: LocationNotifications.exe
Size: 782.08 KB (782080 bytes)
MD5: 031a213144c5ff102217ddc00adf66d0
Detection count: 4,377
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{D356F669-87E8-7418-7B35-4816AA44C40C}
Group: Malware file
Last Updated: August 20, 2016

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\README.hta

File name: README.hta
Size: 4.1 KB (4108 bytes)
MD5: 23351151a066a43ffd0e98979f6939cc
Detection count: 4,183
Mime Type: unknown/hta
Path: %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: April 15, 2017

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{2B00BCC3-42B1-1D8E-FBA1-383F3D0BDE8C}\help.exe

File name: help.exe
Size: 439.42 KB (439427 bytes)
MD5: 22b3148a9cbfa38086e8f683c95964f9
Detection count: 3,743
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{2B00BCC3-42B1-1D8E-FBA1-383F3D0BDE8C}
Group: Malware file
Last Updated: August 20, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{DDC5E9C6-2A32-2A2B-FC96-675564C8B2D5}\certreq.exe

File name: certreq.exe
Size: 272.59 KB (272592 bytes)
MD5: 9971ec7ec1d58b95dd24394c7594dc12
Detection count: 3,515
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{DDC5E9C6-2A32-2A2B-FC96-675564C8B2D5}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{A74EDD94-8792-864E-CD46-B870E92971B2}\iscsicli.exe

File name: iscsicli.exe
Size: 396.54 KB (396544 bytes)
MD5: 640755628b77e5128e10bf15893865ff
Detection count: 3,279
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{A74EDD94-8792-864E-CD46-B870E92971B2}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{96C3F6CD-BBF7-36F9-2D69-39E5A9BCE5E1}\wecutil.exe

File name: wecutil.exe
Size: 249.08 KB (249088 bytes)
MD5: eb11a0c7f6767ef3617bef29a0125936
Detection count: 3,279
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{96C3F6CD-BBF7-36F9-2D69-39E5A9BCE5E1}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{6653DDDB-DC3B-BBE0-0E02-930E09CB2E8A}\certreq.exe

File name: certreq.exe
Size: 352.52 KB (352521 bytes)
MD5: 0d0d0fa005247fb0b4720336bfa46c69
Detection count: 2,834
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{6653DDDB-DC3B-BBE0-0E02-930E09CB2E8A}
Group: Malware file
Last Updated: July 5, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{FFB723EA-791B-AD23-6577-44F26E288641}\wuapp.exe

File name: wuapp.exe
Size: 178.49 KB (178494 bytes)
MD5: f0f52996245a3d10f34ea7875974f98b
Detection count: 2,785
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{FFB723EA-791B-AD23-6577-44F26E288641}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{1AA55626-AC56-4563-CBB6-A483C4E722F7}\Utilman.exe

File name: Utilman.exe
Size: 204.43 KB (204434 bytes)
MD5: 056f18639bf6adea8c35cfc5e32cd0e3
Detection count: 2,551
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{1AA55626-AC56-4563-CBB6-A483C4E722F7}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 219B (219 bytes)
MD5: 35a3e3b45dcfc1e6c4fd4a160873a0d1
Detection count: 2,375
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: February 25, 2023

%APPDATA%\{11639717-8C09-D566-9EF6-AD45260A8C71}\ReAgentc.exe

File name: ReAgentc.exe
Size: 195.2 KB (195204 bytes)
MD5: 4655d3e3498f075562f14ba38b2f5e60
Detection count: 1,878
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{11639717-8C09-D566-9EF6-AD45260A8C71}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 216B (216 bytes)
MD5: 48ac29422570636cae371b68c858b988
Detection count: 1,733
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: November 18, 2022

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{58EE0051-A6B2-735D-4446-78F559F1944F}\iscsicli.exe

File name: iscsicli.exe
Size: 276.21 KB (276210 bytes)
MD5: fbe207f6b013afae50ec2d6612d5e682
Detection count: 1,637
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{58EE0051-A6B2-735D-4446-78F559F1944F}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{7BC81A7F-9099-C59A-4658-143881482D38}\sdbinst.exe

File name: sdbinst.exe
Size: 278.78 KB (278784 bytes)
MD5: 4d03461e9eee09db0100910dc68736b9
Detection count: 1,499
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{7BC81A7F-9099-C59A-4658-143881482D38}
Group: Malware file
Last Updated: June 30, 2016

%USERPROFILE%\Start Menu\Programs\Startup\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: 8c59af32be34fa66668dec4e4a5a0fe6
Detection count: 1,473
Mime Type: unknown/hta
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: April 15, 2017

%APPDATA%\{420B74B0-6759-19C6-0C6F-3E14D0BDC32A}\synctask.exe

File name: synctask.exe
Size: 311.29 KB (311296 bytes)
MD5: 49ad394e46a0dae85097b297bbed2800
Detection count: 1,454
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{420B74B0-6759-19C6-0C6F-3E14D0BDC32A}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}\InstallHelp.exe

File name: InstallHelp.exe
Size: 945.15 KB (945152 bytes)
MD5: 4ed76fc058b1017fcb0da50f0750e487
Detection count: 1,368
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{2F3AA0F6-976C-4b02-A66A-5D1DEA00811F}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{62E00AE3-5835-75AF-A74E-DAB5F6089633}\shrpubw.exe

File name: shrpubw.exe
Size: 188.03 KB (188039 bytes)
MD5: 356ea1ee79f9c1f7a4b713028c7f20b5
Detection count: 1,354
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{62E00AE3-5835-75AF-A74E-DAB5F6089633}
Group: Malware file
Last Updated: August 20, 2016

D:\B?NG GI? B? ??I T?N VI?T\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 204B (204 bytes)
MD5: f4f62c6f03227c16f4224d94f3df3290
Detection count: 1,312
Mime Type: unknown/vbs
Path: D:\B?NG GI? B? ??I T?N VI?T
Group: Malware file
Last Updated: October 13, 2023

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 208B (208 bytes)
MD5: 0f432f89aeb7c3a417613778382eff30
Detection count: 1,227
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: September 15, 2022

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 252B (252 bytes)
MD5: 18d46f5d8ebd3c7d6df0c7a8fd1bd64d
Detection count: 1,108
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: October 8, 2023

%ALLUSERSPROFILE%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 213B (213 bytes)
MD5: 1c2a24505278e661eca32666d4311ce5
Detection count: 1,094
Mime Type: unknown/vbs
Path: %ALLUSERSPROFILE%
Group: Malware file
Last Updated: September 21, 2023

%APPDATA%\{46B13E62-A171-6C43-F86C-67BAEC00A0BD}\Updater.exe

File name: Updater.exe
Size: 380.41 KB (380416 bytes)
MD5: 50d0c22eeda481127c0a87d1440bd040
Detection count: 977
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{46B13E62-A171-6C43-F86C-67BAEC00A0BD}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{42C98EC4-EC5F-FE36-2A6F-0B0F385BBD36}\dccw.exe

File name: dccw.exe
Size: 635.64 KB (635649 bytes)
MD5: 91f0bbfa3e515144e08df88c9a65e71a
Detection count: 965
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{42C98EC4-EC5F-FE36-2A6F-0B0F385BBD36}
Group: Malware file
Last Updated: July 12, 2016

%APPDATA%\# DECRYPT MY FILES #.vbs

File name: # DECRYPT MY FILES #.vbs
Size: 231B (231 bytes)
MD5: 9d8c4bfbd009c4d6001e2125abaa8b02
Detection count: 953
Mime Type: unknown/vbs
Path: %APPDATA%
Group: Malware file
Last Updated: September 27, 2023

%APPDATA%\{B14B87F0-9419-EA86-FF2F-CD5423FD306A}\SynHelper.exe

File name: SynHelper.exe
Size: 304.64 KB (304640 bytes)
MD5: 519a98004850bb8d671b37ad5a679531
Detection count: 925
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{B14B87F0-9419-EA86-FF2F-CD5423FD306A}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{51FBCA03-C471-95E3-EEA4-70CE8949A24D}\pricefountainupdateverupdate.exe

File name: pricefountainupdateverupdate.exe
Size: 274.94 KB (274944 bytes)
MD5: b72c37b239dd2f4dad1f386b3a4b911e
Detection count: 902
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{51FBCA03-C471-95E3-EEA4-70CE8949A24D}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{BB5C4DEE-2593-98EF-33D8-00FDD11BA0DD}\rasdial.exe

File name: rasdial.exe
Size: 195.84 KB (195848 bytes)
MD5: e0e6b41200a0079a1285852c3153998c
Detection count: 885
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{BB5C4DEE-2593-98EF-33D8-00FDD11BA0DD}
Group: Malware file
Last Updated: June 30, 2016

%APPDATA%\{645C2F8F-F5A5-7886-7E1D-55334ADDC715}\sync.exe

File name: sync.exe
Size: 415.23 KB (415232 bytes)
MD5: 02993f6cbe9d92e4984d587fc26525a8
Detection count: 874
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{645C2F8F-F5A5-7886-7E1D-55334ADDC715}
Group: Malware file
Last Updated: September 14, 2016

%USERPROFILE%\README.hta

File name: README.hta
Size: 4.1 KB (4108 bytes)
MD5: c409056659364d79edcf6e0da88e5bcb
Detection count: 843
Mime Type: unknown/hta
Path: %USERPROFILE%
Group: Malware file
Last Updated: April 15, 2017

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{B6724642-9745-6D9C-726C-2FA74D8F74AC}\bootcfg.exe

File name: bootcfg.exe
Size: 195.89 KB (195894 bytes)
MD5: cdfe68a00c7c7766bc88b25b38d85a65
Detection count: 834
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{B6724642-9745-6D9C-726C-2FA74D8F74AC}
Group: Malware file
Last Updated: June 30, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{B9B945ED-24CB-0419-99B9-7B5BA171E83F}\WPDShextAutoplay.exe

File name: WPDShextAutoplay.exe
Size: 396.03 KB (396032 bytes)
MD5: 20feb4e0a8e32043b17e21e9744a13d6
Detection count: 820
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{B9B945ED-24CB-0419-99B9-7B5BA171E83F}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{8417F8C6-5E6B-0A39-FCCA-108BED1E5FF2}\icsunattend.exe

File name: icsunattend.exe
Size: 250.13 KB (250138 bytes)
MD5: 65267f95c982712fc1abd86d28241bb7
Detection count: 815
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{8417F8C6-5E6B-0A39-FCCA-108BED1E5FF2}
Group: Malware file
Last Updated: June 30, 2016

%APPDATA%\{5ACA0CD5-1E89-4CC2-DA53-0D7C4BFC3CFF}\synctask.exe

File name: synctask.exe
Size: 342.01 KB (342016 bytes)
MD5: db6e02fb1434fcd13e52762381d3ac2f
Detection count: 815
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{5ACA0CD5-1E89-4CC2-DA53-0D7C4BFC3CFF}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{5F6354E3-BFB4-2443-C0DE-164E962AF494}\syncversion.exe

File name: syncversion.exe
Size: 427 KB (427008 bytes)
MD5: 9f100c0775bcc77d0e785d6a11acf4be
Detection count: 813
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{5F6354E3-BFB4-2443-C0DE-164E962AF494}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{D8118AF0-6027-A2A0-A9D7-3C81E75B5593}\at.exe

File name: at.exe
Size: 199.43 KB (199430 bytes)
MD5: bd25b0b07c6a09191cdc6fedea022949
Detection count: 801
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{D8118AF0-6027-A2A0-A9D7-3C81E75B5593}
Group: Malware file
Last Updated: June 30, 2016

%APPDATA%\{6A98394A-0B2B-0A56-25B4-AF47E9810A94}\icardagt.exe

File name: icardagt.exe
Size: 397.56 KB (397568 bytes)
MD5: 39462c44f21cfaae2d5b1754218f784a
Detection count: 796
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{6A98394A-0B2B-0A56-25B4-AF47E9810A94}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{5F7A8D01-0C53-8D9C-514D-77B40E2F3EA9}\UpdateTask.exe

File name: UpdateTask.exe
Size: 396.8 KB (396800 bytes)
MD5: ef7c094275615af779d155a1e481683d
Detection count: 792
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{5F7A8D01-0C53-8D9C-514D-77B40E2F3EA9}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{3F67DBB1-6FBD-096D-2009-28B029DFE00F}\Sync.exe

File name: Sync.exe
Size: 331.77 KB (331776 bytes)
MD5: 3b520e88b45d8669ece56c38e3dfdf0f
Detection count: 789
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{3F67DBB1-6FBD-096D-2009-28B029DFE00F}
Group: Malware file
Last Updated: September 14, 2016

%SystemDrive%\Documents and Settings\Tomas\Application Data\_README_.hta

File name: _README_.hta
Size: 67.72 KB (67727 bytes)
MD5: 0a7fb1f205301a40ad463491a91d77ad
Detection count: 707
Mime Type: unknown/hta
Path: %SystemDrive%\Documents and Settings\Tomas\Application Data
Group: Malware file
Last Updated: April 28, 2017

%APPDATA%\{1796B844-2E3A-6B7F-AE85-38E31CC26AB7}\sync.exe

File name: sync.exe
Size: 420.86 KB (420864 bytes)
MD5: 8e3f31166b9e6663e6b7247e47ce8716
Detection count: 658
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{1796B844-2E3A-6B7F-AE85-38E31CC26AB7}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{6DEDED7B-47FB-72F4-A3E4-7B40A141B2FA}\Sync.exe

File name: Sync.exe
Size: 382.97 KB (382976 bytes)
MD5: ce590a8316784f0bcded1991ebf68b93
Detection count: 644
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{6DEDED7B-47FB-72F4-A3E4-7B40A141B2FA}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{06DF0841-E150-11DB-E29C-3A680C37D020}\syncversion.exe

File name: syncversion.exe
Size: 396.28 KB (396288 bytes)
MD5: 30c42c50fc4728245bf67e46b2b29a9a
Detection count: 635
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{06DF0841-E150-11DB-E29C-3A680C37D020}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{52155399-0CAC-C1D6-31F0-7B8667476241}\SyncTask.exe

File name: SyncTask.exe
Size: 408.57 KB (408576 bytes)
MD5: ab632e4d74f52279a7c1f880439f612b
Detection count: 618
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{52155399-0CAC-C1D6-31F0-7B8667476241}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{3FDB0D64-8AAE-CEB1-BB23-2200EFE2799A}\productupdate.exe

File name: productupdate.exe
Size: 494.08 KB (494080 bytes)
MD5: 9de51383978ecdfa943fc44c1dea89d2
Detection count: 607
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{3FDB0D64-8AAE-CEB1-BB23-2200EFE2799A}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{4BCF77F0-80E3-4C98-E6BE-33D7B8E78393}\syncversion.exe

File name: syncversion.exe
Size: 371.2 KB (371200 bytes)
MD5: ae68f524aa1db4871bda6613616d43c8
Detection count: 600
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{4BCF77F0-80E3-4C98-E6BE-33D7B8E78393}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{081C35F3-6243-81A1-3A45-093C032C2E9A}\mountvol.exe

File name: mountvol.exe
Size: 212.26 KB (212269 bytes)
MD5: 064de7c80f1e37a70ca7b6b72113f3a3
Detection count: 595
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{081C35F3-6243-81A1-3A45-093C032C2E9A}
Group: Malware file
Last Updated: September 14, 2016

%SystemDrive%\Users\<username>\README.hta

File name: README.hta
Size: 4.08 KB (4086 bytes)
MD5: c1910896218ab6aac5f4141e6671183d
Detection count: 593
Mime Type: unknown/hta
Path: %SystemDrive%\Users\worker
Group: Malware file
Last Updated: April 15, 2017

%APPDATA%\{6C4F68E0-BD51-69DA-6644-47E5099E8ACD}\SyncTask.exe

File name: SyncTask.exe
Size: 323.58 KB (323584 bytes)
MD5: f794385b9da4c48cb0cbf1e689139119
Detection count: 590
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{6C4F68E0-BD51-69DA-6644-47E5099E8ACD}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{2A8B8412-FAD5-9F8B-4C79-2DEE0EB04582}\UpdateTask.exe

File name: UpdateTask.exe
Size: 484.35 KB (484352 bytes)
MD5: 2b2e6a8a09b2b89c06527147fb2fdb14
Detection count: 581
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{2A8B8412-FAD5-9F8B-4C79-2DEE0EB04582}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{6830E82A-B404-1411-131E-2422ED48D29F}\SyncTask.exe

File name: SyncTask.exe
Size: 357.88 KB (357888 bytes)
MD5: cdaca3a6f98c6c846db3b3bf62a82aa4
Detection count: 557
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{6830E82A-B404-1411-131E-2422ED48D29F}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{DC62EAD9-F930-87AF-9206-A07D4ED45D43}\syncversion.exe

File name: syncversion.exe
Size: 306.68 KB (306688 bytes)
MD5: ab5d2c4b8bfd7cf7dede75b2046629f4
Detection count: 546
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{DC62EAD9-F930-87AF-9206-A07D4ED45D43}
Group: Malware file
Last Updated: September 14, 2016

%ALLUSERSPROFILE%\_README_NVSKN3_.hta

File name: _README_NVSKN3_.hta
Size: 67.74 KB (67748 bytes)
MD5: 6ac7f4dbc0dcb2f206f40ffad53adfbb
Detection count: 541
Mime Type: unknown/hta
Path: %ALLUSERSPROFILE%
Group: Malware file
Last Updated: April 28, 2017

%APPDATA%\{0527720E-EA10-60D1-C5AB-32F5E9B479E4}\productupdate.exe

File name: productupdate.exe
Size: 393.21 KB (393216 bytes)
MD5: 95c3ae55862a9c8ca7cbbc0bcbc19c5f
Detection count: 532
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{0527720E-EA10-60D1-C5AB-32F5E9B479E4}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{5476C7F9-F285-5562-136B-37626EE0A237}\Updater.exe

File name: Updater.exe
Size: 313.85 KB (313856 bytes)
MD5: f93a1ae6af042e37056ce5f83dd202d0
Detection count: 522
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{5476C7F9-F285-5562-136B-37626EE0A237}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{0DB40094-7AE8-5E8B-8D9B-4070BED95EE0}\updatetask.exe

File name: updatetask.exe
Size: 294.4 KB (294400 bytes)
MD5: 2c9c06cf5a8e8d945d881bb1b8bae04b
Detection count: 520
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{0DB40094-7AE8-5E8B-8D9B-4070BED95EE0}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{F473D0CD-0F9B-3447-D705-E535A5BBC2EA}\ntkrnlpa.exe

File name: ntkrnlpa.exe
Size: 259.32 KB (259328 bytes)
MD5: f40bc4088b5cbf4829f401449001eead
Detection count: 506
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{F473D0CD-0F9B-3447-D705-E535A5BBC2EA}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{11A4DFB3-F261-A42B-3AB9-2AEA92C1E0A0}\ProductUpdate.exe

File name: ProductUpdate.exe
Size: 477.18 KB (477184 bytes)
MD5: 1cb437e1723e7284073b5d039fe78cd4
Detection count: 504
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{11A4DFB3-F261-A42B-3AB9-2AEA92C1E0A0}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{141F2D91-E14C-A52B-7625-77A42486B28C}\Sync.exe

File name: Sync.exe
Size: 333.82 KB (333824 bytes)
MD5: d3e710e4f5dcf84931a41645c5415e9e
Detection count: 501
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{141F2D91-E14C-A52B-7625-77A42486B28C}
Group: Malware file
Last Updated: September 14, 2016

%ALLUSERSPROFILE%\README.hta

File name: README.hta
Size: 63.08 KB (63083 bytes)
MD5: b35bdb801c3d2a0eb78675c30f00b735
Detection count: 485
Mime Type: unknown/hta
Path: %ALLUSERSPROFILE%
Group: Malware file
Last Updated: April 15, 2017

%APPDATA%\{7A978B89-7279-D485-45F3-4FD4E16FC5D4}\ProductUpdate.exe

File name: ProductUpdate.exe
Size: 366.59 KB (366592 bytes)
MD5: bcd3f5775c661a4e95134cf8ff2c230d
Detection count: 485
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{7A978B89-7279-D485-45F3-4FD4E16FC5D4}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{33BAF060-DB38-0DCE-BDEB-0201EFE679E0}\Updater.exe

File name: Updater.exe
Size: 333.82 KB (333824 bytes)
MD5: 12855d346c78efa6595ce67ca485fad9
Detection count: 480
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{33BAF060-DB38-0DCE-BDEB-0201EFE679E0}
Group: Malware file
Last Updated: September 14, 2016

%WINDIR%\system32\config\systemprofile\AppData\Roaming\{69642301-0A55-0AFC-CCAE-FFD9082C3EBA}\grpconv.exe

File name: grpconv.exe
Size: 163.32 KB (163328 bytes)
MD5: 334ae3690413230fc0ba95434fe6ee54
Detection count: 480
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32\config\systemprofile\AppData\Roaming\{69642301-0A55-0AFC-CCAE-FFD9082C3EBA}
Group: Malware file
Last Updated: June 30, 2016

%APPDATA%\{A2A1941A-87F3-F96C-ECC5-DEBE30172380}\Updater.exe

File name: Updater.exe
Size: 339.96 KB (339968 bytes)
MD5: 426f1f2c489b48b1824ad7b69649dd09
Detection count: 461
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{A2A1941A-87F3-F96C-ECC5-DEBE30172380}
Group: Malware file
Last Updated: September 14, 2016

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup\README.hta

File name: README.hta
Size: 4.45 KB (4453 bytes)
MD5: 41df3867bbbf5c99b55d8ec72a931ae9
Detection count: 459
Mime Type: unknown/hta
Path: %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: April 15, 2017

%APPDATA%\{0D87F79C-0071-BF74-F16C-14AD5962511A}\updatetask.exe

File name: updatetask.exe
Size: 276.99 KB (276992 bytes)
MD5: be77a7d296f1a1201338a1d632cf9e3c
Detection count: 452
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{0D87F79C-0071-BF74-F16C-14AD5962511A}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{007236C9-2520-5BBF-4E16-7C6D92C48153}\SynHelper.exe

File name: SynHelper.exe
Size: 455.16 KB (455168 bytes)
MD5: f9551f6b9b01cbc1297de99758d43030
Detection count: 450
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{007236C9-2520-5BBF-4E16-7C6D92C48153}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{718A4731-54D8-2A47-3FEE-0D95E33CF0AB}\helperupdate.exe

File name: helperupdate.exe
Size: 461.31 KB (461312 bytes)
MD5: a138e1810d9bc425957c852dbcbcc5ec
Detection count: 447
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{718A4731-54D8-2A47-3FEE-0D95E33CF0AB}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\{0213BB18-AF46-A414-2E97-31374456A011}\productupdate.exe

File name: productupdate.exe
Size: 525.31 KB (525312 bytes)
MD5: 4cfdfa7d1db9af519087e76297d18d9f
Detection count: 436
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{0213BB18-AF46-A414-2E97-31374456A011}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: 5edf5d47f5d40ed06730cf4fb45e3a29
Detection count: 433
Mime Type: unknown/hta
Path: %APPDATA%
Group: Malware file
Last Updated: February 24, 2017

%APPDATA%\{5D3C548E-147E-A913-D7DB-217BCD6CA17D}\SyncVersion.exe

File name: SyncVersion.exe
Size: 536.57 KB (536576 bytes)
MD5: 7f3f9b904fa78dd34976daeb0dd6535d
Detection count: 429
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\{5D3C548E-147E-A913-D7DB-217BCD6CA17D}
Group: Malware file
Last Updated: September 14, 2016

%APPDATA%\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: 60b0d6c8cfde0bff0a1a9d6ca6b5e93c
Detection count: 426
Mime Type: unknown/hta
Path: %APPDATA%
Group: Malware file
Last Updated: February 24, 2017

%APPDATA%\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: c66e4af0fe95bc3f5ff8694d4ddd3d33
Detection count: 417
Mime Type: unknown/hta
Path: %APPDATA%
Group: Malware file
Last Updated: February 24, 2017

%APPDATA%\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: 039e9c93bd465d729a4ed741b9c2a9ce
Detection count: 405
Mime Type: unknown/hta
Path: %APPDATA%
Group: Malware file
Last Updated: February 24, 2017

%USERPROFILE%\Start Menu\Programs\Startup\README.hta

File name: README.hta
Size: 63.11 KB (63111 bytes)
MD5: 7e277ee5d87e2b6fcf8b66988880ac6c
Detection count: 391
Mime Type: unknown/hta
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: April 15, 2017

%SystemDrive%\Users\<username>\AppData\Roaming\README.hta

File name: README.hta
Size: 63.05 KB (63059 bytes)
MD5: 356f1d64c43d7270702390dc000cc822
Detection count: 358
Mime Type: unknown/hta
Path: %SystemDrive%\Users\<username>\AppData\Roaming
Group: Malware file
Last Updated: April 15, 2017

%APPDATA%\README.hta

File name: README.hta
Size: 63.05 KB (63059 bytes)
MD5: 56cbb0d10795bb21736c74ae1d3aaea4
Detection count: 349
Mime Type: unknown/hta
Path: %APPDATA%
Group: Malware file
Last Updated: February 24, 2017