Home / malware Trojan.Fakecrypt
First posted on 07 August 2015.
Source: SymantecAliases :
There are no other names known for Trojan.Fakecrypt.
Explanation :
Trojan.Fakecrypt is a Trojanized version of the TrueCrypt utility.
Once executed, the Trojan collects the following information:
Computer nameUser nameList of files and folders on specific drivesOperating system versionLogin passwords for specific applications and services
The Trojan then opens a back door on the compromised computer, and connects to one or more of the following remote locations:
[https://]78.47.218.234[http://]www.truecryptrussia.ru
The Trojan may then perform the following actions:
Download and run executable filesUpload filesSend gathered information to a remote locationLast update 07 August 2015
