Home / malwarePDF  

Virus:Win32/Parite.C


First posted on 19 February 2019.
Source: Microsoft

Aliases :

Virus:Win32/Parite.C is also known as Win32/Pinfi.A, Win32/Parite.B, W32/Pate.b, W32.Pinfi, PE_PARITE.A.

Explanation :

The Win32/Parite virus is a polymorphic file infector. When run on a system, Win32/Parite takes the following actions: Drops a dynamic link library (DLL) to the Windows Temp directory, composing the name based on the current system time at the time of infection, using the format <3 letters><4 hex characters>.tmp Injects the DLL into the explorer.exe process and modifies the registry to point to that DLL:Adds Subkey: PINFTo key: HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorer Infects all portable EXE and SCR files found on local and shared network drives.

Last update 19 February 2019

 

TOP