PE_SALITY.LNK-O

PE_SALITY.LNK-O Description

PE_SALITY.LNK-O is a dangerous file infector. PE_SALITY.LNK-O can be downloaded and dropped onto a computer by other malware. PE_SALITY.LNK-O can also be unknowingly downloaded from a malicious website by a user. On entering a PC, PE_SALITY.LNK-O will enumerate network shares and drop .dll files. Then PE_SALITY.LNK-O will drop a .lnk file and automatically execute it. The .lnk file is able to exploit a Windows vulnerability that allows for arbitrary commands to be executed. PE_SALITY.LNK-O is a computer threat that should be removed with a good malware removal tool promptly after detection.

Technical Information

File System Details

PE_SALITY.LNK-O creates the following file(s):
# File Name Detection Count
1 %User Temp%\{random filename}.exe - detected as PE_SALITY.BA-O N/A

Registry Details

PE_SALITY.LNK-O creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\zrfke
HKEY_CURRENT_USER\Software\bntrp