
Trojan.Miuref

By GoldSparrow in Trojans

Threat Scorecard

Ranking: 9,248
Threat Level: 80 % (High)
Infected Computers: 72,720
First Seen: May 16, 2014
Last Seen: October 13, 2024
OS(es) Affected: Windows

Miuref is a click fraud and browser hijacking threat that infects computer systems running the Windows operating system. Microsoft has called attention to Miuref in its latest security reports, indicating that Miuref can be responsible for the collection of data and money as well as carrying out browser hijacking tasks such as changing search results and redirecting Web browsers to certain websites. Miuref may be used to mine Bitcoin and carry out a variety of other threatening tasks on the targeted computer system. Microsoft has noted that Miuref activity has increased significantly in 2014 and that quick measures should be put into action to prevent these types of infections.

Miuref is a Very Deceptive Threat

Malware like Miuref is among the most common infections. This is because Miuref lies in wait on the infected computer, gradually generating revenue at the expense of the computer user with minimal risk or work for the threat's creator or distributor. In fact, threats like Miuref have been on the rise, with new threat families using these types of approaches constantly appearing on the Web. Miuref infections were first detected in December of 2013 and have quickly risen to become some of the most common active malware attacks.

Our PC security analysts have noted that Miuref uses several infection vectors, ranging from social engineering and spam email messages to dropper Trojans and attack websites. Once installed, Miuref may connect to an outside server (which may be referred to as a C&C or Command and Control server) to transfer data pertaining to the infected computer. Miuref may install Web browser plug-ins to take over the infected Web browser and control the content viewed by the victim. Miuref may also generate advertising revenue by clicking on online advertisements automatically. One of the most troubling problems involving Miuref is that it may expose a computer to other, more harmful threats. Browser redirects, online advertisements and Trojan droppers linked to Miuref may expose computer users to unsafe content, quickly infecting the victim's PC with a variety of other threats.


File System Details

Trojan.Miuref may create the following file(s):

Registry Details

Trojan.Miuref may create the following registry entry or registry entries:
Regexp file mask
%ALLUSERSPROFILE%\Microsoft\Performance\TheftProtection\temp\tmpw{3,4}.exe
%LOCALAPPDATA%\Microsoft\Performance\TheftProtection\temp\tmpw{3,4}.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"UQmedia" = "regsvr32.exe "%UserProfile%\Administrator\Local Settings\Application Data\UQmedia\BluetoothUtilperf.dll""

Directories

Trojan.Miuref may create the following directory or directories:

%ALLUSERSPROFILE%\microsoft\performance\theftprotection
%LOCALAPPDATA%\Otics
%LOCALAPPDATA%\YVPack
