Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:TR/PSW.Magania.erbp.6
Date discovered:25/05/2011
Type:Trojan
In the wild:Yes
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:47.316 Bytes
MD5 checksum:76ED8C04864C7A6A944ECDD0C9E93951
VDF version:7.11.08.140 - Wednesday, May 25, 2011
IVDF version:7.11.08.140 - Wednesday, May 25, 2011

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-GameThief.Win32.Magania.erfg
   •  Sophos: Mal/Behav-160
     Microsoft: Trojan:Win32/Sisproc


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows 7


Side effects:
   • Drops files

 Files The following files are created:

%TEMPDIR%\lpk.dll Further investigation pointed out that this file is malware, too. Detected as: TR/PSW.Magania.erbp.6

%SYSDIR%\lpk32.dll
%SYSDIR%\lpk.dll Further investigation pointed out that this file is malware, too. Detected as: TR/PSW.Magania.erbp.6

%TEMPDIR%\delself.bat This batch file is used to delete a file.

 File details Programming language:
The malware program was written in MS Visual C++.


Runtime packer:
In order to aggravate detection and reduce size of the file it is packed with a runtime packer.

Description inserted by Andrei Ilie on Wednesday, June 1, 2011
Description updated by Andrei Ilie on Monday, June 6, 2011

Back . . . .