BKDR_DOKSTORMC.A
Threat Scorecard
Metric | Value |
---|---|
Ranking | 5,800 |
Threat Level | 10 % (Normal) |
Infected Computers | 1,464 |
First Seen | November 26, 2012 |
Last Seen | September 19, 2023 |
OS(es) Affected | Windows |
BKDR_DOKSTORMC.A is a malicious file that infects the targeted computer with a version of the Arcom RAT (Remote Access Trojan). As its name implies, a RAT allows a remote attacker to gain access to the victim's computer. BKDR_DOKSTORMC.A is distributed through malicious email messages, in this case a spam email that contains a fake tsunami warning. The BKDR_DOKSTORMC.A email message contains a fake article and an embedded link that supposedly leads to a video. This link leads to a malicious ZIP archive which supposedly contains an AVI video. In reality, this ZIP archive contains the BKDR_DOKSTORMC.A Trojan, disguised as an AVI file: it is actually a PIF file named sunami_australian_agency_of_volcanology_and_seismology.avi.pif (BKDR_DOKSTORMC.A uses a fake extension to hide itself). ESG security researchers strongly advise computer users to avoid news from unsolicited email messages. Your news should come from reliable news outlets rather than from spam email. Fake news stories distributed in spam emails are some of the most popular ways of distributing malware, usually contained in a malicious embedded link or file attachment.
The fake news article contained in BKDR_DOKSTORMC.A's malicious email message supposedly comes from news.com.au and clearly targets computer users located in Australia. According to this fake news article, experts warn about a tsunami headed towards Australia on December 31st (all the more silly considering that tsunamis are nearly impossible to predict, especially nearly two months before the date!). The article contains a link that says 'watch now', which leads to the malicious ZIP archive containing the BKDR_DOKSTORMC.A Trojan. This dangerous Trojan is a backdoor infection that, once installed, attempts to connect to a remote server in order to receive instructions from the remote party.
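The fake-extension disguise described above can be caught before a user ever opens the archive. The following is an added example, not code from EnigmaSoft or from the malware: it inspects a ZIP archive and flags members whose name ends in an executable extension preceded by a harmless-looking one. The extension lists, function names and sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed lists for illustration; extend them to match local policy.
EXECUTABLE_EXTS = {".pif", ".exe", ".scr", ".com", ".bat", ".cmd", ".lnk", ".js", ".vbs"}
DECOY_EXTS = {".avi", ".mp4", ".mov", ".jpg", ".png", ".pdf", ".doc", ".docx", ".txt"}


def deceptive_members(zip_bytes):
    """Return (member_name, decoy_ext, real_ext) for each archive member whose
    final extension is executable but is preceded by a harmless-looking one."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # ZIP names use "/" separators; normalise "\" so only the leaf is judged.
            leaf = PurePosixPath(info.filename.replace("\\", "/")).name
            # Windows ignores trailing dots and spaces when resolving the name.
            suffixes = [s.lower() for s in PurePosixPath(leaf.rstrip(". ")).suffixes]
            if (len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_EXTS
                    and suffixes[-2] in DECOY_EXTS):
                findings.append((info.filename, suffixes[-2], suffixes[-1]))
    return findings


def build_sample_zip():
    """Constructed sample: harmless placeholder bytes stored under the file
    name listed on this page, plus two benign members for contrast."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(
            "sunami_australian_agency_of_volcanology_and_seismology.avi.pif",
            b"placeholder")
        archive.writestr("readme.txt", b"benign text")
        archive.writestr("clips/holiday.avi", b"not a real video")
    return buf.getvalue()


if __name__ == "__main__":
    for name, decoy, real in deceptive_members(build_sample_zip()):
        print(f"{name}: shown as {decoy}, runs as {real}")
```

A mail gateway or download proxy can apply the same check to attachments and quarantine any archive for which the returned list is not empty.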
BKDR_DOKSTORMC.A is a Variant of the Arcom RAT
The Arcom RAT is a dangerous malware infection that criminals can use to gain control over the infected PC. This hacking tool is sold on hacking forums for two thousand dollars, although it is also available on underground file sharing networks in a cracked version. BKDR_DOKSTORMC.A was created by a hacker known as princeali, who is connected with a hacking organization known as NuclearWinterCrew. This group of criminals was also responsible for the NuclearRAT, another dangerous backdoor Trojan and RAT. Malware like the Arcom RAT has been used to attack high-profile targets, including government organizations and multi-national corporations, and poses a severe threat to infected computer systems.
File System Details
# | File Name | Detections |
---|---|---|
1. | sunami_australian_agency_of_volcanology_and_seismology.avi.pif | |

Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
URLs
BKDR_DOKSTORMC.A may call the following URLs:
https://find.stormsearch.net/?q=