
Trojan:Win32/Sirefef.K


First posted on 05 January 2012.
Source: Microsoft

Aliases:

Trojan:Win32/Sirefef.K is also known as Win-Trojan/Agent.16384.BHU (AhnLab), Trojan.Win32.Zapchast.sgn (Kaspersky), Mal/Sirefef-K (Sophos), W32.Rontokbro@mm (Symantec), TROJ_SIREFEF.DC (Trend Micro).

Explanation:

Trojan:Win32/Sirefef.K is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.

Trojan:Win32/Sirefef.K is the detection for a Sirefef component that injects malicious code into a process such as "svchost.exe".

In the wild, Trojan:Win32/Sirefef.K is found to be dropped by another component, detected as TrojanDropper:Win32/Sirefef.B, and may be present as a file named "800000cb.@".



Analysis by Edgardo Diaz

Last update 05 January 2012

 
