FakeAlert-PL

FakeAlert-PL is a Trojan infection that displays fake security alerts on a victim's screen. FakeAlert-PL is able to enter a PC by exploiting known vulnerabilities. FakeAlert-PL may download rogueware onto your system and create a registry entry to ensure it executes with every system start-up. Remove FakeAlert-PL from your system and do not believe the fake alerts it displays.

Aliases

1 security vendor flagged this file as malicious.

Anti-Virus Software Detection
- Rogue:Win32/FakeVimes

File System Details

FakeAlert-PL may create the following file(s):
- %AppData%\hotfix.exe
- %AppData%\jsfhjjsd.bat (177 bytes)
- %Windir%\Tasks\At1.job through %Windir%\Tasks\At24.job (24 files, 404 bytes each)
- [file and pathname of the sample #1] (737,280 bytes)

Detection names listed with these files: packed with UPX [Kaspersky Lab]; SecurityEssentialFraud [Symantec].

Registry Details

FakeAlert-PL may create the following registry entry or registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
