Home / malware Trojan:Win32/Sirefef.K
First posted on 05 January 2012.
Source: MicrosoftAliases :
Trojan:Win32/Sirefef.K is also known as Win-Trojan/Agent.16384.BHU (AhnLab), Trojan.Win32.Zapchast.sgn (Kaspersky), Mal/Sirefef-K (Sophos), W32.Rontokbro@mm (Symantec), TROJ_SIREFEF.DC (Trend Micro).
Explanation :
Trojan:Win32/Sirefef.K is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.
Top
Trojan:Win32/Sirefef.K is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.
Trojan:Win32/Sirefef.K is the detection for a Sirefef component that injects malicious code into a process such as "svchost.exe".
In the wild, Trojan:Win32/Sirefef.K is found to be dropped by another component, detected as TrojanDropper:win32/Sirefef.B, and may be present as a file named "800000cb.@".
Analysis by Edgardo DiazLast update 05 January 2012