Malware Trojan.Win32.Sasfis.utv – Trojan has a destructive effect on the user’s computer.
Technical details
Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 19,456 bytes. Written in C + +.
Destructive activity
After starting the Trojan decrypts and extracts from his body in the temporary directory of the current user file:
% Temp%<rnd1> . tmp
Where <rnd1> – random set of numbers and letters of the alphabet.
This file has a size of 26,113 bytes, and is detected by Kaspersky Antivirus as Backdoor.Win32.Bredavi.byc.
The Trojan then loaded into the address space the extracted file and launches it contains malicious code.
Removal
If your computer was not protected by Antivirus and is infected with this malware, then to delete the following:
Delete the original Trojan file (the location of the victim will depend on how the program originally penetrated the victim machine).
Delete files:
% Temp% \ <rnd1>. tmp
where <rnd1> – random set of numbers and letters of the alphabet.
