Mal/EncPk-AGE
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 16,424 |
| Threat Level: | 90 % (High) |
| Infected Computers: | 117 |
| First Seen: | October 11, 2012 |
| Last Seen: | September 4, 2023 |
| OS(es) Affected: | Windows |
Spam email attacks that take advantage of important news stories is a common social engineering tactic that criminals use to infect their victims' computers with malware. We've seen it over and over again in events such as the London 2012 Olympics and with celebrity deaths as was the case with Steve Jobs, Amy Winehouse, and Michael Jackson. Presidential elections in the United States are also a prime news source that criminals exploit for their attacks. We saw it repeatedly after the 2008 elections in the United States. Scammers are taking advantage of the current presidential elections involving Mitt Romney and Barack Obama. The Mal/EncPk-AGE Trojan dropper is a component of a widespread attack that begins with fake email messages from CNN and other news sources. If you suspect that your computer has become infected with the Mal/EncPk-AGE Trojan dropper, it is important to scan your computer thoroughly with a reliable, strong anti-malware program in order to avoid the loss of your stored information and private data.
There are multiple components involved in a Mal/EncPk-AGE malware attack. It all begins with a malicious spam email message titled 'CNN Breaking News - Mitt Romney Almost President'. This email message claims to be a CNN news alert and contains bogus stories that are eye catching and can prompt computer users to click on them. The main story in this malicious email message claims that Mitt Romney is winning with sixty percent of the vote! Clicking on these stories leads to malicious websites that contain the Mal/JSRedir-H redirect, a dangerous JavaScript Trojan that directs computer users to attack websites containing the BlackHole Exploit Kit.
Using the BlackHole Exploit Kit, criminals will attempt to exploit simultaneously vulnerabilities in software and operating systems in order to install Mal/EncPk-AGE on your computer. This Trojan dropper will usually take the form of an executable file disguised as a fake update for Flash Player or other popular software. Mal/EncPk-AGE's payload involves installing a backdoor on your computer, which criminals can then use to set up other malware on the compromised computer. One of the most worrying aspects of this attack is that it gives the impression of be using a new version of the BlackHole Exploit Kit, meaning that many computers that were previously well protected against this exploit kit may now be vulnerable to these kinds of attacks.
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Panda | Trj/Genetic.gen |
| AntiVir | TR/Rogue.kdz.887452 |
| Comodo | TrojWare.Win32.PWS.ZBot.ATB |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| Symantec | Packed.Generic.397 |
| Panda | Trj/Dtcontx.A |
| AVG | Suspicion: unknown virus |
| AhnLab-V3 | Dropper/Win32.Dapato |
| DrWeb | Trojan.PWS.Stealer.2155 |
| Kaspersky | Trojan.Win32.Yakes.bxfb |
| Avast | Win32:Karagany-PS [Trj] |
| McAfee | Downloader-FGY!AB05E06E2D2E |
| Panda | Trj/OCJ.A |
| AVG | PSW.Generic10.AEUH |
| Fortinet | W32/Zbot.AMX!tr |
SpyHunter Detects & Remove Mal/EncPk-AGE
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | gmexwbrvazfmravermyqnfnan.exe | 1dbb6ef3abf86afd978c662e2ad99292 | 28 |
| 2. | svcnost.exe | 56ce88656b42701acf3c8e285bd177e9 | 18 |
| 3. | skype.dat | aa86c0a2364b344b9bde2c36b96b6ca8 | 6 |
| 4. | svchost.exe | ddf94649574babbd544d4feb5ebf0cdd | 3 |
| 5. | mscjeiph.com | a98b67b13660886013ebef16acde7146 | 1 |
| 6. | msnxoh.exe | 4da43762ebf84404c38b9f2632a62ab2 | 1 |
| 7. | skype.dat | ab05e06e2d2e56b05912117ee77661ec | 1 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.