Trojan.JackServn
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 80 % (High) |
Infected Computers: | 16 |
First Seen: | May 8, 2018 |
Last Seen: | August 1, 2018 |
OS(es) Affected: | Windows |
Trojan.JackServn is a detection name that AV developers have assigned to a generic Trojan, which is suspected to be made by a Korean team of programmers. Analysis of samples that are attributed to the Trojan.JackServn showed that the threat is coded on systems with a primary Korean keyboard layout. Also, many of the distribution campaigns associated with Trojan.JackServn appears to be restricted to computers on the peninsula. According to some statistics, the Trojan.JackServn has been active at least since July 2017. The Trojan.JackServn is reported to work on 32-bit and 64-bit Windows installations, but it is aimed at 32-bit systems primarily. Researchers note that the Trojan.JackServn may run as 'fbzqaaaa.exe' from the Temp folder under the AppData directory and feature the following attributes:
SHA-256: 4f04782130e8f73adba59e431c5775fc57573719f241da776eacd403751e956b
File name fbzqaaaa.exe
File size 1.2 MB
File version 6.1.7600.16385
The 'fbzqaaaa.exe' malware should not be removed manually as it may trigger some sort of a failsafe mechanism and cause damages to the host PC. Many AV vendors categorize Trojan.JackServn as a severe threat to regular PC users as it boasts the following capabilities:
- Downloading and uploading files
- Recording the keyboard input
- Take screenshots
As far as the network capabilities of the Trojan.JackServn goes, it may be used for Denial-of-Service (DoS) attacks, as well as hide the Web traffic of an attacker. Trojan.JackServn might invade Windows-powered devices through emails, links to corrupted pages, peer-to-peer networks and fake updates to software you may be using on your system. Perhaps the most harmful aspect of Trojan.JackServn is that it can download other malware onto the compromised machine and allow for privilege escalation attacks. It may be hard even for advanced PC users to notice that the Trojan.JackServn is running in the background. We recommend users perform system scans with a reliable anti-malware service regularly as a way to minimize potential damages from the Trojan and remove it as quickly as possible. AV engines support detection rules for Trojan.JackServn and employ the following detection names:
- TR/Patched.Gen3
- Trojan.Generic.cbphp
- Trojan.PasswordStealer
- Trojan.Win32.Jackservn
- Win32:Dh-A [Heur]
- malicious (high confidence)
Table of Contents
SpyHunter Detects & Remove Trojan.JackServn
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | file.exe | 7742cdc394221678af8b488c0857a05e | 8 |
2. | file.exe | 30210ac7bbce1e5e0c1b9c5a38e7e02b | 0 |