Trojan-Spy.Carberp

By CagedTech in Keyloggers

Threat Scorecard

Ranking:	76
Threat Level:	90 % (High)
Infected Computers:	990,166

First Seen:	October 19, 2012
Last Seen:	February 14, 2023
OS(es) Affected:	Windows

SpyHunter Detects & Remove Trojan-Spy.Carberp

File System Details

Trojan-Spy.Carberp may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	cloudnet.exe	8d61e6f9259b0505935b818142893f7b	401
Name: cloudnet.exe MD5: 8d61e6f9259b0505935b818142893f7b Size: 145.87 KB (145872 bytes) Detections: 401 Type: Executable File Path: %PROGRAMFILES(x86)%\CloudNet\cloudnet.exe\ Group: Malware file Last Updated: January 4, 2023
2.	winupdate.exe	4dfba34cb266322c7018fa17755883d0	150
Name: winupdate.exe MD5: 4dfba34cb266322c7018fa17755883d0 Size: 46.08 KB (46080 bytes) Detections: 150 Type: Executable File Path: %LOCALAPPDATA%\Microsoft\Windows\ Group: Malware file Last Updated: March 18, 2020
3.	nvid_upd.exe	e26f6ca898e41be9399509f74599a375	18
Name: nvid_upd.exe MD5: e26f6ca898e41be9399509f74599a375 Size: 180.73 KB (180736 bytes) Detections: 18 Type: Executable File Path: %LOCALAPPDATA%\NVIDIA Corporation\Updates\ Group: Malware file Last Updated: September 8, 2016
4.	cloudnet.exe	4772f9c1ba4ff73a1a1ef0ed95126fc7	13
Name: cloudnet.exe MD5: 4772f9c1ba4ff73a1a1ef0ed95126fc7 Size: 796.16 KB (796160 bytes) Detections: 13 Type: Executable File Path: %APPDATA%\EpicNet Inc\CloudNet\ Group: Malware file Last Updated: September 15, 2017
5.	cloudnet.exe	019e9bf69a353966f30456f012b25f2f	9
Name: cloudnet.exe MD5: 019e9bf69a353966f30456f012b25f2f Size: 791.04 KB (791040 bytes) Detections: 9 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
6.	nvid_upd.exe	2db2127372ec2d19cf019b54353b6c01	8
Name: nvid_upd.exe MD5: 2db2127372ec2d19cf019b54353b6c01 Size: 80.38 KB (80384 bytes) Detections: 8 Type: Executable File Path: %USERPROFILE%\Configuraci?n local\Datos de programa\NVIDIA Corporation\Updates\ Group: Malware file Last Updated: September 8, 2016
7.	rdpinst.exe	215265e6464bf57c71e57c4e9d445602	8
Name: rdpinst.exe MD5: 215265e6464bf57c71e57c4e9d445602 Size: 109.56 KB (109568 bytes) Detections: 8 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
8.	cloudnet.exe	6da7616252369d9a47c7e1408bfff433	8
Name: cloudnet.exe MD5: 6da7616252369d9a47c7e1408bfff433 Size: 850.43 KB (850432 bytes) Detections: 8 Type: Executable File Path: %APPDATA%\EpicNet Inc\CloudNet\ Group: Malware file Last Updated: September 15, 2017
9.	nvid_upd.exe	1796743828a828689fb5a4a3f34853f8	7
Name: nvid_upd.exe MD5: 1796743828a828689fb5a4a3f34853f8 Size: 82.43 KB (82432 bytes) Detections: 7 Type: Executable File Path: %USERPROFILE%\Local Settings\Application Data\NVIDIA Corporation\Updates\ Group: Malware file Last Updated: September 8, 2016
10.	cloudnet.exe	bc92af8aa078b154bcedbed79345a7e5	7
Name: cloudnet.exe MD5: bc92af8aa078b154bcedbed79345a7e5 Size: 663.04 KB (663040 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
11.	cloudnet.exe	2300c45ff5f7fecc5d1e81d0fa0de46d	7
Name: cloudnet.exe MD5: 2300c45ff5f7fecc5d1e81d0fa0de46d Size: 791.04 KB (791040 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
12.	cloudnet.exe	d15cd3ec8c1f63b108d70e42550ca865	7
Name: cloudnet.exe MD5: d15cd3ec8c1f63b108d70e42550ca865 Size: 791.04 KB (791040 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
13.	cloudnet.exe	16730b17d31419b06784364b96bec88d	7
Name: cloudnet.exe MD5: 16730b17d31419b06784364b96bec88d Size: 791.04 KB (791040 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
14.	cloudnet.exe	5708e29db49e7fc7420f0b68a9611e5e	7
Name: cloudnet.exe MD5: 5708e29db49e7fc7420f0b68a9611e5e Size: 806.4 KB (806400 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc\CloudNet\ Group: Malware file Last Updated: August 12, 2017
15.	cloudnet.exe	0f20a68dcb4bc9e81ab22b8ebd4fa3a9	7
Name: cloudnet.exe MD5: 0f20a68dcb4bc9e81ab22b8ebd4fa3a9 Size: 781.31 KB (781312 bytes) Detections: 7 Type: Executable File Path: %APPDATA%\EpicNet Inc\CloudNet\ Group: Malware file Last Updated: September 15, 2017
16.	aaa.exe	11bba9b2333559b727caf22896092217	6
Name: aaa.exe MD5: 11bba9b2333559b727caf22896092217 Size: 157.18 KB (157184 bytes) Detections: 6 Type: Executable File Path: %SYSTEMDRIVE%\users\esg\desktop\ Group: Malware file Last Updated: August 21, 2018
17.	cloudnet.exe	08b56c78f5a54071f99444e0713843f7	5
Name: cloudnet.exe MD5: 08b56c78f5a54071f99444e0713843f7 Size: 940.54 KB (940541 bytes) Detections: 5 Type: Executable File Path: %APPDATA%\EpicNet Inc\CloudNet\ Group: Malware file Last Updated: September 15, 2017
18.	rdpinst.exe	9f9c9f627942f3e658d45ab1481c2ed5	3
Name: rdpinst.exe MD5: 9f9c9f627942f3e658d45ab1481c2ed5 Size: 109.56 KB (109568 bytes) Detections: 3 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
19.	cloudnet.exe	39c8efd5f1bc28b3f96c05f99581180f	3
Name: cloudnet.exe MD5: 39c8efd5f1bc28b3f96c05f99581180f Size: 820.22 KB (820224 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
20.	cloudnet.exe	ec4559dea9ec3349d2a9c5087a8fc864	3
Name: cloudnet.exe MD5: ec4559dea9ec3349d2a9c5087a8fc864 Size: 791.04 KB (791040 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
21.	cloudnet.exe	ee75b4671827358a44e9a6e2262583e5	3
Name: cloudnet.exe MD5: ee75b4671827358a44e9a6e2262583e5 Size: 806.91 KB (806912 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
22.	cloudnet.exe	fe4865780c7aa390edfd68212e270243	3
Name: cloudnet.exe MD5: fe4865780c7aa390edfd68212e270243 Size: 881.66 KB (881664 bytes) Detections: 3 Type: Executable File Path: %APPDATA%\EpicNet Inc.\CloudNet\ Group: Malware file Last Updated: August 12, 2017
23.	rdpinst.exe	7ce237a218fa73045d89e79d19c889c4	2
Name: rdpinst.exe MD5: 7ce237a218fa73045d89e79d19c889c4 Size: 122.36 KB (122368 bytes) Detections: 2 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
24.	rdpinst.exe	d4609d4a98cc1c2048599be77f3502e8	1
Name: rdpinst.exe MD5: d4609d4a98cc1c2048599be77f3502e8 Size: 122.36 KB (122368 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
25.	rdpinst.exe	6f88de861f2edf6757d2027ec4503257	1
Name: rdpinst.exe MD5: 6f88de861f2edf6757d2027ec4503257 Size: 143.36 KB (143360 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
26.	rdpinst.exe	8c70d50e12e7948632fedf8ace299ee9	1
Name: rdpinst.exe MD5: 8c70d50e12e7948632fedf8ace299ee9 Size: 108.54 KB (108544 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
27.	rdpinst.exe	365e42fc0253a372c397759ee5cd941f	1
Name: rdpinst.exe MD5: 365e42fc0253a372c397759ee5cd941f Size: 109.56 KB (109568 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
28.	rdpinst.exe	22a202f749c18edbef9b1a6d40f56e21	1
Name: rdpinst.exe MD5: 22a202f749c18edbef9b1a6d40f56e21 Size: 108.54 KB (108544 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016
29.	rdpinst.exe	0c5d583716aebfc429958c5e2969fb1e	1
Name: rdpinst.exe MD5: 0c5d583716aebfc429958c5e2969fb1e Size: 108.54 KB (108544 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\ Group: Malware file Last Updated: May 21, 2016

More files

Registry Details

Trojan-Spy.Carberp may create the following registry entry or registry entries:

Regexp file mask

%APPDATA%\B1_[RANDOM CHARACTERS].bat

%APPDATA%\G1_[RANDOM CHARACTERS].exe

%LOCALAPPDATA%\Microsoft\Windows\winupdate.exe

%userprofile%\Local Settings\Application Data\NVIDIA Corporation\Update\nvupd32.exe

%WINDIR%\rdpinst.exe

%WINDIR%\System32\com\svchost.exe

%WINDIR%\System32\drivers\WinmonSystemMonitor.sys

HKEY..\..\..\..{RegistryKeys}

Software\EpicNet Inc.

SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\cloudnet.exe

SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\greenbird.exe

SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes\windefender.exe

Software\Microsoft\Windows\CurrentVersion\Run\CloudNet

Software\Microsoft\Windows\CurrentVersion\Run\DivineWind

Software\Microsoft\Windows\CurrentVersion\Run\GreenBird

Software\Microsoft\Windows\CurrentVersion\Run\LongWind

SOFTWARE\Policies\Microsoft\Windows\safer\CloudMedia

SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\safer\CloudMedia

SYSTEM\ControlSet001\services\WinDefender

SYSTEM\ControlSet002\services\WinDefender

SYSTEM\CurrentControlSet\services\WinDefender

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

CloudNet

Directories

Trojan-Spy.Carberp may create the following directory or directories:

%appdata%\EpicNet Inc

%appdata%\EpicNet Inc.

EnigmaSoft Releases NEW SpyHunter Pro to Fight Malware, Enhance Privacy Protection, & Optimize PCs

Search

Change Region

Trojan-Spy.Carberp

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan-Spy.Carberp

File System Details

Registry Details

Directories

1 Comment

Submit Comment

Trending

Princessmovies.org

PYAS Ransomware

Vigua.a

Most Viewed

AntiMalware

DNS Unlocker

Antivirus Security Pro