Threat Database Trojans Trojan:Win32/Reveton.P


By JubileeX in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 21
First Seen: January 31, 2013
Last Seen: May 22, 2023
OS(es) Affected: Windows

Trojan:Win32/Reveton.P is a ransomware Trojan that attacks PC users from particular countries. Trojan:Win32/Reveton.P blocks the targeted PC and displays a localized full-screen cover page, which is a bogus warning message, on the desktop of the infected computer by covering all other windows and making the computer unusable. The frightening alert delivered by Trojan:Win32/Reveton.P supposedly comes from a legal security institution and blames victims for certain cybercrime activities. The falsified notification distributed by Trojan:Win32/Reveton.P asks PC users to pay a fine to restore access to the PC. Trojan:Win32/Reveton.P may make system modifications to the corrupted machine that make it hard for computer users to download, install, execute, or update security programs. While being installed, Trojan:Win32/Reveton.P makes system changes by downloading infected files. Trojan:Win32/Reveton.P is distributed via drive-by downloads, for instance, executed by an exploit pack. When Trojan:Win32/Reveton.P is launched on the corrupted PC, it creates a Windows shortcut file (.LNK) in the specific folder, so that it can start automatically whenever you boot up Windows. Trojan:Win32/Reveton.P strives to evade firewalls by embedding a code into various legal processes. Evading firewalls may permit Trojan:Win32/Reveton.P to fulfill various damaging activities on the hacked computer system, incorporating, but not limited to, downloading and uploading infectious files.

File System Details

Trojan:Win32/Reveton.P may create the following file(s):
# File Name Detections
3. %USERPROFILE%\Start Menu\Programs\StartUp\runctf.lnk


Most Viewed