Home / malware Trojan:Win32/Sefnit.E
First posted on 16 October 2019.
Source: MicrosoftAliases :
There are no other names known for Trojan:Win32/Sefnit.E.
Explanation :
Trojan:Win32/Sefnit.E is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer. Installation Trojan:Win32/Sefnit.E creates the following files on an affected computer:
%programfiles%common filesfolderfolderoptions.dll c:documents and settingsadministratorlocal settings empdbf-viewer-2000-3.25.1.exe c:documents and settingsadministratorlocal settings empdbf-viewer-2000-3.25.1.log c:documents and settingsadministratorlocal settings empwindll.dll c:documents and settingsadministratorlocal settings emp
sh11.tmpinstalloptions.dll c:documents and settingsadministratorlocal settings emp
sh11.tmpioc.ini c:documents and settingsadministratorlocal settings emp
sh11.tmpiospecial.ini c:documents and settingsadministratorlocal settings emp
sh11.tmpmodern-wizard.bmp c:documents and settingsadministratorlocal settings emp
srf.tmp
sisdl.dll Payload Contacts remote host Trojan:Win32/Sefnit.E may contact a remote host at torrentsfiles.net using port 80. Commonly, malware may contact a remote host for the following purposes: To report a new infection to its author To receive configuration or other data To download and execute arbitrary files (including updates or additional malware) To receive instruction from a remote attacker To upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 00f465d3ffa89bb28287fcbbd92014d184c50f4c.Last update 16 October 2019
