Virus: TR/PSW.Papras.A.2
Date discovered: 31/03/2011
Type: Trojan
In the wild: Yes
Reported Infections: Medium
Distribution Potential: Low
Damage Potential: Medium
Static file: Yes
File size: 371027 Bytes
MD5 checksum: 7db7070b44405cd8bedbe8fe7acf3c80
VDF version: 7.11.05.134 - Wednesday, March 30, 2011
IVDF version: 7.11.05.134 - Wednesday, March 30, 2011

General

Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-PSW.Win32.Papras.bll
   •  Sophos: Mal/FakeAV-EA
   •  Avast: Win32:FakeSysdef-ED
   •  Microsoft: TrojanDownloader:Win32/Harnig.S
   •  AVG: Downloader.ADY
   •  Panda: Adware/BroserSeek
   •  AhnLab: Trojan/Win32.Papras
   •  Fortinet: W32/Krap.AON!tr
   •  Ikarus: Trojan-Downloader.Win32.Harnig


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Drops malicious files

Files

The following files are created:

– C:\temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2529.exe
  It is executed after it has been fully created. Further investigation showed that this file is also malware. Detected as: TR/Dldr.Harnig.S.210

– C:\temp\91337e03-fc3f-4959-b06c-3e832a2545fc\OfferApp-2526.exe
  It is executed after it has been fully created. Further investigation showed that this file is also malware. Detected as: TR/Dldr.PinchLord.C

Description inserted by Lutz Koch on Thursday, March 31, 2011
Description updated by Lutz Koch on Thursday, March 31, 2011
