Dropper.Win32.Dapato.pj!1a
Threat Scorecard
Threat Level: 90% (High)
Infected Computers: 3
First Seen: June 28, 2012
Last Seen: October 18, 2020
OS(es) Affected: Windows
A spam email message, detected in June of 2012, is used to infect computer systems with rogue security software and a nasty rootkit infection. This malicious email message contains an attached ZIP file that is actually a Trojan dropper, detected as Dropper.Win32.Dapato.pj!1a by some security applications. To avoid becoming infected with the Dropper.Win32.Dapato.pj!1a Trojan dropper, ESG security researchers strongly recommend keeping your anti-spam filter updated and running at all times, and never opening attachments contained in unsolicited email messages.
Dropper.Win32.Dapato.pj!1a is Contained in a Fake Message from Delta Airlines
Most PC security researchers know that school vacation periods often mean a rise in spam email messages claiming to have been sent by airlines, hotels, or similar businesses. These messages usually use the same scam: they claim to be a ticket or hotel reservation and urge the victim to open an attached file in order to view the details of their reservation. Of course, opening the attached file actually installs malware on the victim's computer system.
In the case of the malicious email message containing the Dropper.Win32.Dapato.pj!1a Trojan, the message claims to have been sent by Delta Airlines and contains an attached ZIP file named Ticket_Delta_Airlines_IN2139.zip which, instead of containing the victim's ticket information, actually contains the Dropper.Win32.Dapato.pj!1a Trojan dropper. The full text of this malicious email message reads:
Hello, E-TICKET / EH065894335
SEAT / 77E/ZONE 2
DATE / TIME 20 JUNE, 2012, 09:55 AM
ARRIVING / Virginia Beach
FORM OF PAYMENT / CC
TOTAL PRICE / 276.42 USD
REF / EF.5709 ST / OK
BAG / 4PC
Your bought ticket is attached to the letter as a scan document. You can print your ticket. Thank you for using our airline company services. Delta Air Lines.
The Consequences of Opening Dropper.Win32.Dapato.pj!1a's Malicious Email Message
The attached ZIP file contains a variety of malware infections that can cause severe problems on the infected computer system. Dropper.Win32.Dapato.pj!1a will install a variant of the nasty Sirefef rootkit family. This rootkit family has been associated with a variety of malware scams, from browser hijackers to fake security applications. It is also particularly difficult to remove and will often require a specialized anti-rootkit application. Once installed, components in this malicious rootkit will establish a backdoor into the infected computer system and download and install fake security software in the WinWebSec family of malware.