Threat Database Trojans Trojan.Spambot.11349

Trojan.Spambot.11349

By Domesticus in Trojans

Threat Scorecard

Ranking: 16,393
Threat Level: 80 % (High)
Infected Computers: 170
First Seen: May 24, 2012
Last Seen: July 22, 2023
OS(es) Affected: Windows

Trojan.Spambot.11349 is a Trojan that corrupts the affected computer system via security loopholes and malicious downloads. Trojan.Spambot.11349 can also affect the PC system via infected spam email attachments and fake video media codecs. After successful installation, Trojan.Spambot.11349 creates the particular files on the machine. Trojan.Spambot.11349 can also delete specific files on the targeted PC. Trojan.Spambot.11349 changes the HOSTS file. Trojan.Spambot.11349 can also modify the Windows registry by changing several registry keys. To bypass firewall, Trojan.Spambot.11349 deletes or changes the certain registry entries.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Panda Trj/CI.A
AVG Generic32.CKRP
AhnLab-V3 Dropper/Win32.Injector
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.B
Kaspersky Trojan-Dropper.Win32.Injector.idwe
McAfee PWS-Zbot-FAQD!072419361172
Fortinet W32/Jorik.CTPG!tr
Comodo Heur.Suspicious
Kaspersky Trojan-Ransom.Win32.PornoAsset.cfbu
Symantec WS.Reputation.1
McAfee PWS-Zbot-FAQD!B9521019D1DC
Panda Suspicious file
AVG Generic28.BTNU
Fortinet W32/Kryptik.WDV!tr
Ikarus Packed.Win32.Krap

SpyHunter Detects & Remove Trojan.Spambot.11349

File System Details

Trojan.Spambot.11349 may create the following file(s):
# File Name MD5 Detections
1. qokozypkabaq.exe b9521019d1dcbedd8eee170c7219ac20 18
2. file.exe 9342dc72e9b7597d1a7ff2c80eeda966 10
3. file.exe e1d9f25fddbd348e15bf54d2fa974f91 2
4. %AppData%\desktop.ini
5. %AppData%\ntuser.dat
6. file.exe 41a0b12f348bb7e3c487e9efaa6dc9a8 0
7. file.exe 107ce3a3c1d14b256a392ef48136ce6b 0
8. SVCNOST.EXE 4a849ba946d2dd7af4d12f9f5ad15858 0
9. ferest1.tmp 4cb4d565fbd459a0da0b3c42c09dd5d7 0

Registry Details

Trojan.Spambot.11349 may create the following registry entry or registry entries:
[\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Init'= '"%APPDATA%\x3ctnjmbqssceevmcdfs2pzhzy3sknhv2\svcnost.exe"'
[\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%APPDATA%\x3ctnjmbqssceevmcdfs2pzhzy3sknhv2\svcnost.exe' = '%APPDATA%\x3ctnjmbqssceevmcdfs2pzhzy3sknhv2\svcnost.exe:*:Enabled:ldrsoft'
SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\purplefeather.exe
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PurpleFeather

Directories

Trojan.Spambot.11349 may create the following directory or directories:

%APPDATA%\PurpleFeather

Trending

Most Viewed

Loading...