Packed.Generic.402 Description
Type: Trojan
Packed.Generic.402 has been used in various social engineering scams that exploit trending news to entice inexperienced computer users into clicking on malicious links contained in spam email messages. Packed.Generic.402, in particular, has attracted attention because of the sad nature of its attacks. Criminals are capitalizing on the widespread panic and uncertainty after the terrible Boston Marathon bombing. Only a few hours after the attack, spam email messages containing subject lines related to this incident started to appear in computer users' inboxes. These spam email messages seem to originate in Latvia and Ukraine.
About twenty percent of all spam email sent out a few days after the incident in Boston contained subject lines referencing the event in some way. This tactic of taking advantage of trending news stories is not a new development; in recent years, every important news story, from the election of a new pope to the death of Michael Jackson and the launch of a new iPhone version, is usually accompanied by a spam email campaign that counts on computer users being likely to open unsolicited email messages. PC security researchers strongly advise against getting news from unsolicited email messages. Instead, computer users should refer to reputable media outlets rather than continuing to open unsolicited email messages from dubious sources.
The Infection Process Used by Packed.Generic.402
Once the victim clicks on the link embedded in the malicious email message, it leads to a website that includes what appears to be a YouTube video. While the video plays a news story related to the Boston Marathon bombing (or to whichever trending news story is being used to distribute Packed.Generic.402), an exploit kit executes malicious code on the victim's computer by taking advantage of vulnerabilities in the victim's web browser, applications or operating system. The most common exploit kit associated with Packed.Generic.402 attacks is the RedKit Exploit Kit. If the malicious code is executed successfully, Packed.Generic.402 will install its malicious files on the victim's computer and make dangerous changes to the infected computer's settings. Packed.Generic.402 is a password-stealing Trojan that can be used to steal passwords and login information for online accounts, banking information and other sensitive data from the infected computer.
14 security vendors flagged this file as malicious.
File System Details
|#||File Name||MD5||Detection Count|