Security home


Home / malwarePDF  


First posted on 23 June 2012.
Source: Microsoft

Aliases :

Trojan:Win32/Sirefef.AK is also known as Win32/Sirefef.EU trojan (ESET), Trojan.Win32.Alureon (Ikarus), ZeroAccess.ep (McAfee), Mal/ZAccess-CA (Sophos), TROJ_ALUREON.CYZ (Trend Micro).

Explanation :

Trojan:Win32/Sirefef.AK is a component of Win32/Sirefef - a multi-component family of malware that moderates your Internet experience by changing search results, and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing a payload.


Trojan:Win32/Sirefef.AK is installed and run by other variants of Win32/Sirefef and may have the file name "80000032.@".


Trojan:Win32/Sirefef.AK provides two function calls for Win32/Sirefef:

  • 80000032_1
  • 80000032_2

These two functions are used to drop additional components to the infected system, and to generate clicks for selective websites:

  • Gourmandia_com

For more information, please see the Win32/Sirefef family entry elsewhere in our encyclopedia.

Analysis by Shali Hsieh

Last update 23 June 2012



Malware :