English 
Rootkit.Small.ra Rootkit.Small.ra
By
GoldSparrow in 
Loading ...
Rootkit.Small.ra Description
Rootkit.Small.ra is a rootkit infection which conceals itself as a security tool. Rootkit.Small.ra enters the users system through a Trojan application which imitates Windows firewall notifications to entice the user to click on the “Enable Protection” button and thereby installs the Trojan. Rootkit.Small.ra will perform pretend scans that will produce numerous infections that do not exist. This is all conducted to fool the user into buying the full paid version of the application. Rootkit.Small.ra may also download additional malware to the users system. Rootkit.Small.ra poses a serious threat as it could permit an attacker to steal personal information. Rootkit.Small.ra is also capable of hijacking the user’s web browser and redirecting it to its website. Rootkit.Small.ra may slow down the user’s computer and internet connection. Rootkit.Small.ra is a dangerous threat and should be removed without hesitation.
Type: Rootkits
Automatic Detection of Rootkit.Small.ra
Rootkit.Small.ra Technical Report
As new Rootkit.Small.ra details are reported by our customers and findings from our Threat Research Center, we will update this section.
The following Rootkit.Small.ra files with its MD5s were created in the system:
| File Name | File Size | MD5 |
|---|
| autochk.dll | 21504 | 10418fcd3a60d0bb85e736a326c4e73d |
| autochk.dll | 22016 | 49a9dee69171feb03013fa2a45c28fb1 |
| autochk.dll | 22016 | 9628dde5d7a6a9ff6e1fee8d87c575d1 |
| autochk.dll | 22016 | 13af8f5c546e9e82ab5ee2b1c4c4beac |
| autochk.dll | 22016 | 8bef106a7580f5915fa29867c57a5fd1 |
| autochk.dll | 24064 | 1859a363d98b374bf91f6e68ff0e5406 |
| autochk.dll | 24064 | 87a2583de6f6fbb5104e0433e89b1bcf |
| autochk.dll | 23552 | c63fb1c40b0f0a7024504b24b8f0a14d |
Rootkit.Small.ra has typically the following processes in memory:
- autochk.dll
- %SYSTEMROOT%\system32\autochk.dll
Important Article Disclaimer
