Posts Tagged ‘Trojan Win32’

Virus AlertThe Virus “Medfos” replace contents of searches on the user’s system.

Microsoft Corporation announces a new family of “Win32/Medfos” viruses, which last several months actively spreading around the world. The virus to infect the system normally uses the component of loader, which is distributed by several different methods. Thus, attackers often use compromised web-sites to redirect users to a page with exploits, as well as appeal to the owners of already deployed botnets and viruses onto previously compromised system.

Medfos bootable component is installed in the %AppData% folder and adds its entries in the registry to complicate its detection. (more…)

Virus AlertTrojan.Win32.Jorik.Carberp.hb – Spyware is designed to steal confidential user data.

Technical details

Spyware is designed to steal confidential user data. It is a Windows (PE-EXE file). Has a size of 233,867 bytes. Packed with an unknown packer. Unpacked size – about 242 KB. Written in C + +.

Installation

After you activate the Trojan takes interceptors installed in System Service Descriptor Table (SSDT).

Further copies its body to the startup folder of the current user Windows:

% Documents and Settings% \% Current User% \ Start Menu \ Programs \ Startup \ igfxtray.exe

Thus, a copy of the Trojan is launched automatically each time the system. (more…)

Virus AlertTrojan.Win32.Delf.cbbm – Trojan provides a remote malicious user with access to the infected computer.

Technical details

Trojan provides a remote malicious user with access to the infected computer. Is a dynamic library Windows (PE DLL-file). Has a size of 751,725 ​​bytes. It is written in Delphi.

Destructive activity

After you activate the Trojan connects to one of the following servers attacker:

cache.dyndns.tv docs.dyndns.org dns.dellsupports.com krb.dellsupports.com
An attacker’s server the following information: (more…)

Virus AlertMalware Trojan.Win32.Sasfis.utv – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 19,456 bytes. Written in C + +.

Destructive activity

After starting the Trojan decrypts and extracts from his body in the temporary directory of the current user file:

% Temp%<rnd1> . tmp

Where <rnd1> – random set of numbers and letters of the alphabet. (more…)

Virus AlertTrojan.Win32.VkHost.coc – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 418,304 bytes. It is written in Delphi.

Destructive activity

After starting the Trojan overwrites the original file “hosts”:

C: \ WINDOWS \ system32 \ drivers \ etc \ hosts

Writing into this file: (more…)

Malware Trojan.Win32.Agent.gwvg – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). 45056 bytes in size. It is written in Delphi.

Destructive activity

After starting the Trojan will search for and delete the following files: (more…)

Malware Trojan.Win32.Agent.hpjr – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 28672 bytes. The program is packed unknown packer. Unpacked size – about 120 KB. Written in C + +.

Destructive activity

The Trojan malicious payload directly in the context of its process or if the operating system under Windows Vista, inject malicious code into the process: (more…)

Malware Trojan.Win32.Oficla.cxf – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). Has a size of 22528 bytes. Written in C + +.

Destructive activity

After starting the Trojan decrypts and extracts from his body in the temporary directory of the current user file: (more…)

Malware Trojan.Win32.Oficla.dxy – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE DLL-file). 20480 bytes in size. Written in C + +.

Installation

The Trojan copies its body to the current user’s temporary directory under the name “ibee.dwo”: (more…)

Malware Trojan.Win32.Oficla.ebb – Trojan has a destructive effect on the user’s computer.

Technical details

Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE DLL-file). 20480 bytes in size. Written in C + +.

Installation

The Trojan copies its body to the current user’s temporary directory under the name “mifs.pbo”: (more…)