Troj/Agent-XNN
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 114 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 383,692 |
| First Seen: | August 29, 2012 |
| Last Seen: | September 20, 2023 |
| OS(es) Affected: | Windows |
Troj/Agent-XNN is a dangerous backdoor Trojan. Using Troj/Agent-XNN, criminals can gain access to your computer and carry out a variety of malicious tasks. For example, a Troj/Agent-XNN infection can be used to install other malware on the victim's computer or to steal private information stored on that computer. Troj/Agent-XNN commonly spreads via email scams, usually in the form of a malicious email attachment contained in a ZIP archive. Troj/Agent-XNN in particular has been linked to an email spam scam that is distributed in the form of a fake Facebook notification. To prevent Troj/Agent-XNN infections, ESG malware analysts advise protecting your computer with advanced security software and making sure that your anti-spam filter prevents email messages containing Troj/Agent-XNN from ever reaching your email inbox in the first place.
Table of Contents
How the Troj/Agent-XNN Email Scam Works
A Troj/Agent-XNN infection will usually begin with an email message claiming that a Facebook friend added a photo of you to their profile. This notification is similar to Facebook's real email notifications, so it can be easy to be tricked by it if you are an inexperienced computer user. However, unlike Facebook's real email notifications, this malicious email will try to convince you to download an attached ZIP file. This ZIP file is actually the Troj/Agent-XNN Trojan, despite the fact that it will be named differently. Troj/Agent-XNN will usually be disguised as a ZIP attachment with the name 'New_Photo_With_You_on_Facebook_PHOTOID[random number].zip' and will be included in an email message claiming that a Facebook friend added a photo of you to an album. Facebook does not allow computer users to view photos as attachments, so this is definitely a scam, despite the fact that the email message spoofs a Facebook-related email address and it uses language, logos and design that are very similar to official Facebook notifications.
The Troj/Agent-XNN Scam is Only One of Many Fake Facebook Email Scams
ESG malware analysts have reported previously on numerous other email scams that disguise themselves as Facebook notifications. Due to the fact that this social network has a high number of members that are relative newcomers to the Internet and that computer users are likely to want to see their pictures, these have proven to be quite effective at distributing malware. It is also important to avoid these kinds of email messages if they contain embedded links, since previous versions of this scam use links to take computer users to attack websites rather than including malicious file attachments.
SpyHunter Detects & Remove Troj/Agent-XNN
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | msiitu.cmd | 5f950b263c20bf28c37423256fb2281b | 2 |
| 2. | file.exe | a733e0c3c3621231b542864b450b50b4 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.