Threat Database Stealers Infostealer.Ayufos


By GoldSparrow in Stealers

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 4
First Seen: April 4, 2014
Last Seen: October 14, 2019
OS(es) Affected: Windows

Infostealer.Ayufos is an info-stealer Trojan that is used in attacks against Japanese PC users. Infostealer.Ayufos steals private details such as account information from programs such as Filezilla, Pidgin, WinRar and Open VPN, host name, operating system version, global IP address, windows product key and the country from the compromised PC. Upon execution, Infostealer.Ayufos creates the mutex. Infostealer.Ayufos then replicates itself to a specific location. Infostealer.Ayufos connects to a distant location. Infostealer.Ayufos may also execute the potentially harmful actions such as collect clipboard data, capture screenshots, log keystrokes, kill processes, hide the control panel and disable the firewall. Infostealer.Ayufos then transmits the stolen information through SSL connections to a specific email address.

File System Details

Infostealer.Ayufos may create the following file(s):
# File Name Detections
1. C:\Documents and Settings\\Application Data\svchost.exe


Infostealer.Ayufos may call the following URLs:


Most Viewed