SecurityHome.eu Trojan:Win32/Reveton.V

Home / malware PDF

Trojan:Win32/Reveton.V

First posted on 02 September 2013.
Source: Microsoft
Aliases :
There are no other names known for Trojan:Win32/Reveton.V.
Explanation :
Threat behavior

Trojan:Win32/Reveton.V is a detection for the dynamic-link library (DLL) file that renders the lock screen used by variants of the Trojan:Win32/Reveton family.

Trojan:Win32/Reveton variants arrive on your computer with a random name.

They download a DLL file that acts as a lock screen. The message in the lock screen is tailored to you location.

The compressed DLL is stored in a container file as <random_name>.pad in folder %APPDATA% or %TEMP%. This means the trojan can display the lock screen message with or without internet access.

Analysis by Stefan Sellmer

Symptoms

The following system changes may indicate the presence of this malware:

The presence of the following files:

%APPDATA%<random_name>.pad
%TEMP%<random_name>.pad

Last update 02 September 2013

TOP

Malware :

Last 20

Trojan:Win32/Reveton.V

Aliases :

Explanation :

Malware :

Family: