EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
|Threat Level:||90 % (High)|
|First Seen:||January 29, 2013|
|Last Seen:||March 13, 2022|
Trojan.Spachanel was detected in January of 2013. This Trojan is contained in a tiny file and can affect the most currently used versions of Windows, going all the way back to Windows 95. Trojan.Spachanel belongs to a category of Trojans known as information stealers. Like their name implies, these kinds of Trojans are designed to attack a computer and allow a third party to gain access to personal data stored on the infected computer. Trojan.Spachanel poses a threat to your personal information, and while not causing direct damage to your computer, does have the potential to allow criminals to clean out your bank accounts or gain access to your email and social media accounts. As of the writing of this report, Trojan.Spachanel has not seen widespread distribution and has been contained to a relatively small geographical area. However, as its distribution mechanisms expand, it is likely that new cases of Trojan.Spachanel will appear in the wild.
Trojan.Spachanel carries out a typical Trojan attack, using tactics that ESG security researchers have seen countless times before. First Trojan.Spachanel will attempt to infiltrate a computer with the help of a social engineering mechanism. These will usually distribute malicious email messages or Instant Messages prompting computer users to either download the Trojan.Spachanel executable or visit an attack website that uses exploits in an attempt to execute Trojan.Spachanel on your computer. Once this occurs, Trojan.Spachanel will use a random file name and will place its executable file in the infected computer user's User Profile folder. Finally, Trojan.Spachanel makes changes to the Windows Registry that allows its executable to run automatically when Windows starts up. This malicious edit to the Windows Registry is disguised as a Windows Update registry entry.
How Trojan.Spachanel Carries Out Its Infection Process
Once installed on the victim's computer, Trojan.Spachanel will inject its malicious code into several processes on the victim's computer. The file processes are wuauclt.exe, iexplore.exe, chrome.exe, explorer.exe, firefox.exe, opera.exe, totalcmd.exe, far.exe, and cmd.exe. Trojan.Spachanel also uses a named Mapping file named chanel_qwm0g89h2bg82g890. The Trojan.Spachanel attack is not difficult to understand. Trojan.Spachanel gathers information on the infected computer and establishes a connection with the IP address 126.96.36.199. This information can then be used to steal information from the victim's computer or to target the victim with additional malware, including adware variants and other kinds of malware infections that make it easier for criminals to monetize.