Trojan:Win32/Alureon.GC

By JubileeX in Trojans

Trojan:Win32/Alureon.GC is a Trojan that copies itself to a particular location on a compromised PC. It checks which Windows version the computer is running and installs a specific version of itself. It creates a registry entry so that it starts whenever the infected PC boots. Trojan:Win32/Alureon.GC attempts to embed its payload into files such as Explorer.exe, Firefox.exe, Iexplore.exe and Mozilla.exe, and it contacts a remote server indicated in its configuration file. The configuration file may contain instructions such as dropping and installing files, dropping and installing modules, updating itself, inserting itself into processes using various methods, transmitting logs of its activity to a remote server and writing to a configuration file. The dropped configuration file is stored in a specific location on the targeted computer system. It is encrypted using a version of the RC4 encryption algorithm, and the key is produced from the attacked PC's GUID to make the file hard to decrypt.

File System Details

Trojan:Win32/Alureon.GC may create the following file(s):
# File Name Detections
1. %ALLUSERPROFILE%\[random_file name].exe
2. %ALLUSERPROFILE%\[random_letters].cfg

Registry Details

Trojan:Win32/Alureon.GC may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "[random_file name]" = "%APPDATA%\[random_filename].exe"
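
A triage heuristic for the registry entry above, as an added example that is not part of the original entry: it parses `reg query` output for the Run key and flags values whose data is an .exe sitting directly in the %APPDATA% root with the same base name as the value. The sample output, the random-looking names in it and the name-equals-file-name assumption (read from the placeholders above) are constructed for illustration; a hit is a lead to investigate, not a verdict.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample of `reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run` output.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Updater    REG_SZ    "C:\Users\alice\AppData\Roaming\Vendor\updater.exe" /background
    qwhzkpvt    REG_SZ    C:\Users\alice\AppData\Roaming\qwhzkpvt.exe
    xkcdjmra    REG_EXPAND_SZ    %APPDATA%\xkcdjmra.exe
"""

# reg.exe prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Roaming profile root: unexpanded %APPDATA%, or the expanded Vista+ / XP forms.
APPDATA_ROOT = re.compile(
    r"^(%appdata%|[a-z]:\\users\\[^\\]+\\appdata\\roaming"
    r"|[a-z]:\\documents and settings\\[^\\]+\\application data)$", re.I)

def exe_path(data):
    """Return the executable path from a Run value, dropping quotes and arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", data, re.I)
    return m.group(1) if m else data

def suspicious_run_values(reg_output):
    """Flag Run values matching the pattern: "<name>" = "%APPDATA%\\<name>.exe"."""
    hits = []
    for line in reg_output.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        path = PureWindowsPath(exe_path(m["data"]))
        in_root = APPDATA_ROOT.match(str(path.parent)) is not None
        same_name = path.stem.lower() == m["name"].strip().lower()
        if path.suffix.lower() == ".exe" and in_root and same_name:
            hits.append((m["name"], str(path)))
    return hits

if __name__ == "__main__":
    for name, path in suspicious_run_values(SAMPLE):
        print(f"review Run value {name!r} -> {path}")
```

Legitimate software occasionally matches this shape, so confirm any hit against the file's signature and the presence of a companion .cfg file before acting on it.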
