
Trojan:Win32/Sirefef.I


First posted on 15 November 2011.
Source: SecurityHome

Aliases:

Trojan:Win32/Sirefef.I is also known as Trojan.Win32.Zapchast.slx (Kaspersky), Trojan.Win32.Sirefef (Ikarus), Troj/Sirefef-N (Sophos), TROJ_ZACCESS.F (Trend Micro).

Explanation:

Trojan:Win32/Sirefef.I is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.


Trojan:Win32/Sirefef.I is the detection for the Sirefef component that injects malicious code into a process such as "svchost.exe".

In the wild, Trojan:Win32/Sirefef.I has been observed being dropped by another component, detected as TrojanDropper:Win32/Sirefef.B.



Analysis by Jireh Sanico

Last update 15 November 2011

 
