Trojan.Win32.Agent.uael
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 6 |
| First Seen: | November 25, 2012 |
| Last Seen: | May 14, 2022 |
| OS(es) Affected: | Windows |
Trojan.Win32.Agent.uael is a Trojan that is involved in a spam malware campaign related to presidential elections in Venezuela.
Trojan.Win32.Agent.uael aims at capturing the Internet credentials of Venezuelan PC users through a web-link, which allegedly gives details about the election for the president of Venezuela. The filename of Trojan.Win32.Agent.uael is called 'listas-fraude-electoral.pdf.exe' (English translation: 'electoral fraud lists'). The fake email includes a web-link, which, if clicked, reroutes the recipient to a bogus website that masquerades to be from 'Globovision' a TV channel of Venezuela. Trojan.Win32.Agent.uael has been generated to target employees of the Venezuela government as well as usual web users. Once installed on the compromised PC, Trojan.Win32.Agent.uael deactivates the UAC (User Account Control) of the operating system. Trojan.Win32.Agent.uael enables cybercriminals to execute administrative commands without any restrictions. Trojan.Win32.Agent.uael stays quiet till the victim goes to one website from the total five, each of a Venezuelan bank. After entering that website, the PC user gets diverted onto one infectious host where his Internet banking credentials are stolen. Trojan.Win32.Agent.uael seizes the login details that belong to government employees after they log into the www.cadivi.gob.ve website which is of The Commission of Currency Administration. Since this Commission offers administering service for legal currency transactions inside Venezuela it isn't unnatural for the PCs of the agency employees getting infected.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | listas-fraude-electoral.pdf.exe |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.