Malware.Redlofwen

By Sumo3000 in Worms

Translate To:

Threat Scorecard

Ranking:	286
Threat Level:	90 % (High)
Infected Computers:	91,439

First Seen:	July 24, 2009
Last Seen:	April 5, 2024
OS(es) Affected:	Windows

Malware.Redlofwen is a worm with the main goal of spreading and affecting other computers. Malware.Redlofwen spreads by copying itself to local disks, removal and mapped network drives. On penetrating a computer system, Malware.Redlofwen will create a start-up registry entry and terminate or disable security related applications running on the system.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
AVG	VB.TTU
F-Prot	W32/Heuristic-210!Eldorado
McAfee	Artemis!FB99C78B30D2
Panda	Trj/dtcontx.B
AVG	VB.4.CI
AntiVir	TR/Symmi.11002.1
Kaspersky	Trojan.Win32.Yakes.cbjn
Avast	Win32:Dropper-gen [Drp]
McAfee	Artemis!430C41302449
AntiVir	TR/Agent.61440
BitDefender	Adware.FlvDirect.D
F-Prot	W32/Trojan2.NBII
NOD32	Win32/TrojanDownloader.VB.ONX
McAfee	Artemis!8306EB089F2F
AVG	Suspicion: unknown virus

SpyHunter Detects & Remove Malware.Redlofwen

File System Details

Malware.Redlofwen may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	ntwvc.exe	609214054ebe2aae2949738fbdd94ae1	286
Name: ntwvc.exe MD5: 609214054ebe2aae2949738fbdd94ae1 Size: 679.93 KB (679936 bytes) Detections: 286 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\cleanmem Group: Malware file Last Updated: September 13, 2021
2.	5051CFC8B2BC3625698399.exe	3b68d15c359a1f7f2386e873f29bc34d	247
Name: 5051CFC8B2BC3625698399.exe MD5: 3b68d15c359a1f7f2386e873f29bc34d Size: 558.8 KB (558808 bytes) Detections: 247 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\5051CFC8B2BC3625698399\5051CFC8B2BC3625698399.exe Group: Malware file Last Updated: August 5, 2020
3.	iotdlue.exe	b3ff63fbdc56677e1556f9f3ed23717c	186
Name: iotdlue.exe MD5: b3ff63fbdc56677e1556f9f3ed23717c Size: 612.56 KB (612568 bytes) Detections: 186 Type: Executable File Path: %ALLUSERSPROFILE%\qquhfdj\iotdlue.exe Group: Malware file Last Updated: August 3, 2020
4.	qqgd4c2d6iybc51m5rqaol97la60ngy7rf_z_4dzrznccs9418kwi8yu9bzhayve.exe	566e13e8c5d8ed5c97d9162c4c6ba5d0	158
Name: qqgd4c2d6iybc51m5rqaol97la60ngy7rf_z_4dzrznccs9418kwi8yu9bzhayve.exe MD5: 566e13e8c5d8ed5c97d9162c4c6ba5d0 Size: 339.96 KB (339968 bytes) Detections: 158 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\qqgd4c2d6iybc51m5rqaol97la60ngy7rf_z_4dzrznccs9418kwi8yu9bzhayve.exe Group: Malware file Last Updated: August 5, 2020
5.	ae2u1rpmg7p1dx0mji14l84pdxl2udakjittjbkq3gefslcq_f6x1ram0stsk5qr.exe	0477272e117e80c098b6e999a7ee3ac2	150
Name: ae2u1rpmg7p1dx0mji14l84pdxl2udakjittjbkq3gefslcq_f6x1ram0stsk5qr.exe MD5: 0477272e117e80c098b6e999a7ee3ac2 Size: 507.9 KB (507904 bytes) Detections: 150 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\appdata\roaming\ae2u1rpmg7p1dx0mji14l84pdxl2udakjittjbkq3gefslcq_f6x1ram0stsk5qr.exe Group: Malware file Last Updated: February 25, 2021
6.	conhost.exe	62c73b5f49a1416582e2489489e809da	128
Name: conhost.exe MD5: 62c73b5f49a1416582e2489489e809da Size: 662.03 KB (662032 bytes) Detections: 128 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\conhost.exe Group: Malware file Last Updated: August 6, 2020
7.	rundll32.exe	c3f625470fd98ab3740f9f465529bbaa	126
Name: rundll32.exe MD5: c3f625470fd98ab3740f9f465529bbaa Size: 24.57 KB (24576 bytes) Detections: 126 Type: Executable File Path: %APPDATA%\2 8 Group: Malware file Last Updated: July 23, 2012
8.	alrahman.Scr	fb99c78b30d2c94914f3460e449fc8e8	91
Name: alrahman.Scr MD5: fb99c78b30d2c94914f3460e449fc8e8 Size: 11.59 MB (11590662 bytes) Detections: 91 Path: %WINDIR%\system32 Group: Malware file Last Updated: December 21, 2022
9.	ICbdf.exe	60a118c236cb13a2c28e70e6c90cac46	83
Name: ICbdf.exe MD5: 60a118c236cb13a2c28e70e6c90cac46 Size: 544.76 KB (544768 bytes) Detections: 83 Type: Executable File Path: C:\Users\<username>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Group: Malware file Last Updated: September 14, 2021
10.	gdilv6hz.exe	6dd1030b8bb299e518018e0c681662d2	17
Name: gdilv6hz.exe MD5: 6dd1030b8bb299e518018e0c681662d2 Size: 696.32 KB (696320 bytes) Detections: 17 Type: Executable File Path: C:\Program Files (x86)\Gvnl Group: Malware file Last Updated: February 10, 2020
11.	Recuses7.exe	46ef0c8c88cab3427ebddc8bc7474686	15
Name: Recuses7.exe MD5: 46ef0c8c88cab3427ebddc8bc7474686 Size: 77.82 KB (77824 bytes) Detections: 15 Type: Executable File Path: C:\Users\<username>\kvindekn Group: Malware file Last Updated: February 10, 2020
12.	vivoads.exe	28e0d371e0221aefbef798c96259af88	13
Name: vivoads.exe MD5: 28e0d371e0221aefbef798c96259af88 Size: 167.93 KB (167936 bytes) Detections: 13 Type: Executable File Path: C:\Program Files\Positivo Informática\Vivo\vivoads.exe Group: Malware file Last Updated: April 22, 2023
13.	explorer.exe	4712f33ab7330e32167de57e83d0fb93	13
Name: explorer.exe MD5: 4712f33ab7330e32167de57e83d0fb93 Size: 57.34 KB (57344 bytes) Detections: 13 Type: Executable File Path: %WINDIR%\Java\Microsoft Group: Malware file Last Updated: December 26, 2012
14.	tmp000eb537	0448c7840ae301f833323c2e33a608ca	13
Name: tmp000eb537 MD5: 0448c7840ae301f833323c2e33a608ca Size: 631.34 KB (631341 bytes) Detections: 13 Path: c:\programdata\bitdefender\desktop\enginestemp\tmp00000289 Group: Malware file Last Updated: August 27, 2020
15.	tmp000eb7ef	7f8d39a1904e95ef0090801588063fcb	13
Name: tmp000eb7ef MD5: 7f8d39a1904e95ef0090801588063fcb Size: 524.28 KB (524288 bytes) Detections: 13 Path: c:\programdata\bitdefender\desktop\enginestemp\tmp00000289 Group: Malware file Last Updated: August 27, 2020
16.	OpacaF.exe	8d6db869797db1841460c4ebd0806a84	13
Name: OpacaF.exe MD5: 8d6db869797db1841460c4ebd0806a84 Size: 253.95 KB (253952 bytes) Detections: 13 Type: Executable File Path: C:\Users\<username>\AppData\Roaming Group: Malware file Last Updated: November 18, 2020
17.	cancerr.exe	b33ad4207883df5b7fb9b398cac471fe	12
Name: cancerr.exe MD5: b33ad4207883df5b7fb9b398cac471fe Size: 110.59 KB (110592 bytes) Detections: 12 Type: Executable File Path: C:\Users\<username>\ingresw Group: Malware file Last Updated: February 10, 2020
18.	Ionsfrance4.exe	e568bd625af9ad88e065ce9745d48cee	11
Name: Ionsfrance4.exe MD5: e568bd625af9ad88e065ce9745d48cee Size: 69.63 KB (69632 bytes) Detections: 11 Type: Executable File Path: C:\Users\<username>\Gyrodactyl9 Group: Malware file Last Updated: February 8, 2020
19.	mz7ebclm.exe	c6b349c77cddba662ef59917a39e51b7	11
Name: mz7ebclm.exe MD5: c6b349c77cddba662ef59917a39e51b7 Size: 102.4 KB (102400 bytes) Detections: 11 Type: Executable File Path: C:\Program Files (x86)\Itj5 Group: Malware file Last Updated: July 28, 2020
20.	msdcsc.exe	466eec875604af9a590200a94dec6469	10
Name: msdcsc.exe MD5: 466eec875604af9a590200a94dec6469 Size: 794.62 KB (794624 bytes) Detections: 10 Type: Executable File Path: %SystemDrive%\MSDCSC\mJYiwSRovSnu Group: Malware file Last Updated: December 3, 2012
21.	systuwin.exe	288bc8998d2c7c3bf75a3b7e25be22de	9
Name: systuwin.exe MD5: 288bc8998d2c7c3bf75a3b7e25be22de Size: 86.1 KB (86105 bytes) Detections: 9 Type: Executable File Path: C:\WINDOWS Group: Malware file Last Updated: February 8, 2020
22.	configvx7.exe	d815cb3a18e848d1022d385c589a7fe8	7
Name: configvx7.exe MD5: d815cb3a18e848d1022d385c589a7fe8 Size: 548.86 KB (548864 bytes) Detections: 7 Type: Executable File Path: %PROGRAMFILES(x86)%\R7n0d2\configvx7.exe Group: Malware file Last Updated: July 29, 2020
23.	3681d36ddb4fe052fa2a7e6c56c0aacf5255db5b6733f4254a22881059f2c366.exe	77942a3d7b534f0353518711105ed7ec	4
Name: 3681d36ddb4fe052fa2a7e6c56c0aacf5255db5b6733f4254a22881059f2c366.exe MD5: 77942a3d7b534f0353518711105ed7ec Size: 229.37 KB (229376 bytes) Detections: 4 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\Desktop\m\3681d36ddb4fe052fa2a7e6c56c0aacf5255db5b6733f4254a22881059f2c366.exe Group: Malware file Last Updated: October 18, 2020
24.	75a0b1574a356592d4420af21d7e9427f0fd84452a847dac9998e03eebbd9c4e.exe	25372dc15780ce44a1a99c6a9d601732	3
Name: 75a0b1574a356592d4420af21d7e9427f0fd84452a847dac9998e03eebbd9c4e.exe MD5: 25372dc15780ce44a1a99c6a9d601732 Size: 76.8 KB (76801 bytes) Detections: 3 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\Desktop\m\75a0b1574a356592d4420af21d7e9427f0fd84452a847dac9998e03eebbd9c4e.exe Group: Malware file Last Updated: October 18, 2020
25.	2E4B3F485E2.exe	690d8cff51e6cbdc03cf7c9a5bd4382a	2
Name: 2E4B3F485E2.exe MD5: 690d8cff51e6cbdc03cf7c9a5bd4382a Size: 165.96 KB (165968 bytes) Detections: 2 Type: Executable File Path: %SystemDrive%\systemcan Group: Malware file Last Updated: February 6, 2013
26.	Paint.exe	b6261d597e853be0ad673272d0d94e5b	2
Name: Paint.exe MD5: b6261d597e853be0ad673272d0d94e5b Size: 94.2 KB (94208 bytes) Detections: 2 Type: Executable File Path: %WINDIR%\system32 Group: Malware file Last Updated: January 31, 2013
27.	rrqpfsrtzz.exe	430c41302449aac1a35f1652dd3e2c90	2
Name: rrqpfsrtzz.exe MD5: 430c41302449aac1a35f1652dd3e2c90 Size: 57.34 KB (57344 bytes) Detections: 2 Type: Executable File Path: %APPDATA%\Kcrh Group: Malware file Last Updated: February 14, 2013
28.	dirlist.txt	f1f2b6d5a8fddca217dd7d34d5f7ca4e	2
Name: dirlist.txt MD5: f1f2b6d5a8fddca217dd7d34d5f7ca4e Size: 36.57 KB (36577 bytes) Detections: 2 Group: Malware file Last Updated: October 15, 2020
29.	5dad2.exe	1a1e99df74c4d403b8c3187cf3aad54a	1
Name: 5dad2.exe MD5: 1a1e99df74c4d403b8c3187cf3aad54a Size: 36.86 KB (36864 bytes) Detections: 1 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: August 27, 2012
30.	radi.exe	8306eb089f2f493c60ceab2a1c916525	1
Name: radi.exe MD5: 8306eb089f2f493c60ceab2a1c916525 Size: 2.12 MB (2126388 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: February 6, 2013

More files

Registry Details

Malware.Redlofwen may create the following registry entry or registry entries:

File name without path

icsys.icn.exe

Regexp file mask

%public%\[RANDOM CHARACTERS].exe

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Malware.Redlofwen

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Malware.Redlofwen

File System Details

Registry Details

Submit Comment

Trending

Venanco.com Scam

Sceplondelling.co.in

Ytgoconverter.com

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?