Home / malware Program:Win32/Pameseg.AL
First posted on 20 March 2012.
Source: MicrosoftAliases :
There are no other names known for Program:Win32/Pameseg.AL.
Explanation :
Program:Win32/Pameseg.AL is an installer file that requires the user to send an SMS message to a premium number to successfully install certain programs.
Top
Program:Win32/Pameseg.AL is an installer file that requires the user to send an SMS message to a premium number to successfully install certain programs.
Installation
Program:Win32/Pameseg.AL may be bundled with other software, and disguises itself as a installer for a variety of programs in English and in Russian, such as cracks, games, movie torrents and legitimate software. In the wild, the Pameseg executable has used file names such as those listed below:
Execution
- Adobe_Dreamweaver.zip.exe
- Age_of_Empires_Online.zip.exe
- Call_of_Duty_Modern_Warfare_3__RUS_.zip.exe
- Drakula__Lyubov_Ubivaet.zip.exe
- drayvera_k8n4_e.zip (1).exe
- hlbot_dlya_crossfire__ru_.zip.exe
- kitayskaya_proshivka_dlya_iPhone_4G.zip.exe
- kontserti_naytvish.zip.exe
- Microsoft_Security_Essentials_1_0_1611_0_Final.zip.exe
- noviy_chit_na_kristalli_dlya_Tanki.zip.exe
- opengl32_dll_dlya_vin_7.zip.exe
- prezentats__ya_po_h__m_____sklo.zip.exe
- Rusifikator_Dlya_Nfs_Carbon_Torrent.zip.exe
Prompts the user to send an SMS message
Upon execution, Program:Win32/Pameseg.AL displays messages similar to the following, prompting the user in Russian to agree to the terms of use and to install the program:
Pameseg then displays the following message prompting the user to send an SMS to a premium number, at the user's expense, to receive a code in order for the installlation to complete successfully.
Analysis by Amir Fouda
Last update 20 March 2012
