TrojanDownloader:Win32/Kolilks.B

Posted: December 17, 2009

TrojanDownloader:Win32/Kolilks.B is a malicious Trojan horse or bot that may be a security risk to the compromised system and/or its network environment. TrojanDownloader:Win32/Kolilks.B is a Trojan Downloader program that is usually installed through an exploit or some other trick. TrojanDownloader:Win32/Kolilks.B helps attackers download and install other, undesired software onto a victim's PC. TrojanDownloader:Win32/Kolilks.B may download adware, spyware or other malware from multiple servers or sources on the Internet.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %ProgramFiles%\FN8WU\KV1KBT.scr
    2 %ProgramFiles%\FN8WU\OOGF0EI4UO.scr
    3 %Windir%\uxdrqmlpfpxnfyc.dll
    4 %Windir%\UXDRQMLPFPXNFYC.txt
    5 c:\G3KRMCTQ3ETS.EXE
    6 c:\g3krmctq3ets.exe.lnk

Registry Modifications

  • The following Registry keys and values were newly created:
    Subkeys:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEE55088-9CE9-3758-6B4F-4CA2CBD892E1}\InprocServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEE55088-9CE9-3758-6B4F-4CA2CBD892E1}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEE55088-9CE9-3758-6B4F-4CA2CBD892E1}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEE55088-9CE9-3758-6B4F-4CA2CBD892E1}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{11D9AE74-3FC1-41D6-911B-F5F503BBD8FE}\ProxyStubClsid]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Thunder.xunlei.1]

    Registry values:
    (Default) = "%Windir%\uxdrqmlpfpxnfyc.dll"
    (Default) = "Thunder.xunlei"
    (Default) = "xunlei Class"
    (Default) = "{00020424-0000-0000-C000-000000000046}"
    (Default) = "{97EFC6B7-C73A-423E-8458-82C589CA7E3B}"
    ThreadingModel = "Apartment"