Fuzfle CL

By GoldSparrow in Trojans

Fuzfle CL (also known as Generic Dropper.av by McAfee, Trojan-Dropper.Win32.Agent.fun by Kaspersky, and Infostealer by Symantec) is a Trojan that uses rootkit techniques to become active on a computer while remaining concealed from both the user and any malware detection programs in use. The main purpose of Fuzfle CL is to gain control of the user's system while sending login, password and financial information to a remote server. This invariably leads to identity theft.

Aliases

1 security vendor flagged this file as malicious.

Anti-Virus Software Detection
- W32/Dropper.NHL

File System Details

Fuzfle CL may create the following file(s):
1. xdx35.sys
2. resume.exe
3. %system%\drivers\xdx35.sys
4. %profile%\local settings\temp\id7254.exe
5. %profile%\local settings\temp\build.exe

Registry Details

Fuzfle CL may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 classguid
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 class
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enum coun
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 configflags
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xdx35\enum 0
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_xdx35\0000 capabilitiest
