C1c117a8fbcd87b1c52a7c1c8e4bd2c9
Jump to navigation
Jump to search
Description
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
Screenshots
Once the machine is infected, the following screen appears on top of every windows:
File information
The infected file has following characteristics:
- SHA256: d23a8760b0afe8dcc56c5270f72789997dd0183ed5be6591da2fc55bd0a7645b
- SHA1: 01c9d61f41a798d0c9f75f5a50b4edc8d19e38ff
- MD5: c1c117a8fbcd87b1c52a7c1c8e4bd2c9
- File size: 91.7 KB ( 93909 bytes )
It's been found under 2 following locations:
- C:\Program Files\Roxio\PKxcWuug.exe
- C:\Program Files\Microsoft Office\lghLorAa.exe
Detection
Antivirus detection
- Detection ratio: 23/48 (2013-09-30)
| Antivirus | Result | Update |
|---|---|---|
| AntiVir | TR/Crypt.Xpack.9389 | 20130930 |
| Antiy-AVL | Trojan/Win32.Fareit | 20130930 |
| Avast | Win32:Fareit-JX [Trj] | 20130930 |
| AVG | PSW.Generic12.AO | 20130929 |
| BitDefender | Gen:Variant.Graftor.116379 | 20130930 |
| Bkav | HW32.CDB.26ea | 20130927 |
| Comodo | UnclassifiedMalware | 20130930 |
| DrWeb | Trojan.PWS.Stealer.3243 | 20130930 |
| Emsisoft | Gen:Variant.Graftor.116379 (B) | 20130930 |
| ESET-NOD32 | a variant of Win32/Injector.ANMH | 20130930 |
| F-Secure | Gen:Variant.Graftor.116379 | 20130930 |
| Fortinet | W32/Blocker.CJWX!tr | 20130930 |
| GData | Gen:Variant.Graftor.116379 | 20130930 |
| Kaspersky | Trojan-Ransom.Win32.Blocker.cjwx | 20130930 |
| Kingsoft | Win32.Heur.KVMF58.hy.(kcloud) | 20130829 |
| McAfee | RDN/Spybot.bfr!h | 20130930 |
| McAfee-GW-Edition | Artemis!C1C117A8FBCD | 20130929 |
| Microsoft | TrojanDownloader:Win32/Dimegup.A | 20130930 |
| MicroWorld-eScan | Gen:Variant.Graftor.116379 | 20130930 |
| Norman | Troj_Generic.QAOFH | 20130930 |
| Sophos | Mal/Generic-S | 20130930 |
| TrendMicro-HouseCall | TROJ_GEN.F03TH00IT13 | 20130930 |
| VIPRE | Trojan.Win32.Generic!BT | 20130930 |
Network indicators
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.
Host based indicators
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your comprehension.
Thank you for your comprehension.