W32/Xirtem@MM

By Sumo3000 in Worms

Translate To:

W32/Xirtem@MM is a malicious mass-mailing worm. W32/Xirtem@MM spreads via e-mails as an attachment or a link in the electronic message. W32/Xirtem@MM is able to run in the background of a system and will harvest e-mail addresses from a victim's machine in order to send copies of itself to all the contacts. W32/Xirtem@MM may also allow other malware onto a compromised system and deteriorate its performance.

File System Details

W32/Xirtem@MM may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%AppData%\SystemProc\lsass.exe
Name: %AppData%\SystemProc\lsass.exe Type: Executable File
2.	%ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest
Name: %ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest
3.	%ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf
Name: %ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf
4.	%ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul
Name: %ProgramFiles%\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul

Registry Details

W32/Xirtem@MM may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

Start = 0x00000004

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ERSvc\

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

W32/Xirtem@MM

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen