Troj/ST2012V-A

By ZulaZuza in Trojans

As the American elections heat up, PC security researchers are on alert. As most computer security experts will tell you, whenever a highly publicized event like the American Presidential elections is taking place, there will always be a rise in malware attacks. This is because criminals take advantage of these events to carry out social engineering attacks through email, fraudulent websites, and social networks. Within hours of a breaking news story (for example, the death of a celebrity; a recent example was the death of Whitney Houston), computer users will start receiving spam email claiming to contain a new development in the story. These emails will typically contain a file attachment or embedded link that results in malware entering the victim's computer. In fact, it is highly likely that you can get an idea of the top developments from the past year by simply looking at the subject lines in your spam folder!

Troj/ST2012V-A is a Trojan infection that attempts to take advantage of the media hype surrounding Super Tuesday, a day in the American electoral campaigns on which the highest number of states cast their votes in the Republican and Democratic primaries in order to find their candidates. Troj/ST2012V-A's name comes from 'Super Tuesday 2012', which is not only the event behind this scam, but also the name of the executable file containing this dangerous threat.

How the Troj/ST2012V-A Trojan Attacks a Computer System

According to reports from computer security researchers, the Troj/ST2012V-A Trojan is contained in an executable file named Super_Tuesday_2012_voting_information.exe, usually sent out in a malicious email message. Once the victim opens this executable file, it connects to a remote server located in Russia and downloads two files. The first is a PDF file named Super_Tuesday_2012_voting_information.pdf, which, oddly enough, contains information for the Super Tuesday event, no doubt as a decoy to throw the victim off track. The second is a dangerous executable, which it installs and which will often be named after a common Windows process. For example, ESG malware analysts have detected a file named spoolsvr.exe that is a direct result of a Troj/ST2012V-A infection. Once this infection has taken root in the victim's computer, Troj/ST2012V-A will set up a back door through which a criminal can obtain unfettered access to the infected computer system.

File System Details

Troj/ST2012V-A may create the following file(s):
# File Name Detections
1. C:\Documents and Settings\\Local Settings\Temp\spoolsvr.exe
2. C:\Documents and Settings\\Local Settings\Temp\Super_Tuesday_2012_voting_information.pdf
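
A detection check for the naming pattern described above (a dropped executable in a Temp directory named after a Windows process), as an added example that is not part of the original entry. The process list, the trusted directories, the `exampleuser` profile name and the sample paths are constructed assumptions; the check also flags exact system names running outside the system directories, which goes beyond the one file named in this entry.

```python
from pathlib import PureWindowsPath

# Assumption: a short, non-exhaustive list of real Windows process names.
SYSTEM_PROCESSES = {"spoolsv", "svchost", "lsass", "csrss", "winlogon", "services", "explorer"}
# Assumption: Windows is installed on C: in the default location.
TRUSTED_DIRS = {"c:\\windows", "c:\\windows\\system32", "c:\\windows\\syswow64"}

# Constructed sample input; "exampleuser" is a placeholder profile name.
SAMPLE_PATHS = [
    r"C:\Documents and Settings\exampleuser\Local Settings\Temp\spoolsvr.exe",
    r"C:\Documents and Settings\exampleuser\Local Settings\Temp\svchost.exe",
    r"C:\WINDOWS\system32\spoolsv.exe",
    r"C:\Program Files\Example\updater.exe",
]

def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_image_path(path, max_distance=1):
    """Return a finding for an executable that imitates a system process, else None."""
    p = PureWindowsPath(path)
    if p.suffix.lower() != ".exe":
        return None
    stem = p.stem.lower()
    trusted = str(p.parent).lower() in TRUSTED_DIRS
    in_temp = "temp" in [part.lower() for part in p.parts]
    where = "system directory" if trusted else "Temp directory" if in_temp else "other directory"
    if stem in SYSTEM_PROCESSES:
        # Exact system name: only suspicious when it runs from an unexpected place.
        return None if trusted else f"{stem}.exe running from {where}"
    for legit in sorted(SYSTEM_PROCESSES):
        if edit_distance(stem, legit) <= max_distance:  # near-miss name
            return f"{stem}.exe imitates {legit}.exe ({where})"
    return None

def scan(paths):
    """Map each flagged path to its finding."""
    findings = {p: check_image_path(p) for p in paths}
    return {p: f for p, f in findings.items() if f}

if __name__ == "__main__":
    for path, finding in scan(SAMPLE_PATHS).items():
        print(f"{finding}: {path}")
```

The same function can be fed image paths from process-creation logs or a directory listing; tune `SYSTEM_PROCESSES` and `max_distance` to the environment, since a larger distance catches more variants at the cost of more false positives.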