Home / malware Trojan:Win32/Sirefef.I
First posted on 15 November 2011.
Source: SecurityHomeAliases :
Trojan:Win32/Sirefef.I is also known as Trojan.Win32.Zapchast.slx (Kaspersky), Trojan.Win32.Sirefef (Ikarus), Troj/Sirefef-N (Sophos), TROJ_ZACCESS.F (Trend Micro).
Explanation :
Trojan:Win32/Sirefef.I is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.
Top
Trojan:Win32/Sirefef.I is a component of Win32/Sirefef - a multi-component family of malware that moderates an affected user's Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or performing the payload.
Trojan:Win32/Sirefef.I is the detection for the Sirefef component that injects malicious code into a process such as "svchost.exe".
In the wild, Trojan:Win32/Sirefef.I is found to be dropped by another component, detected as TrojanDropper:win32/Sirefef.B.
Analysis by Jireh Sanico
Last update 15 November 2011
