Home / malwarePDF  

Trojan:Win32/Sirefef.P


First posted on 30 April 2019.
Source: Microsoft

Aliases :

Trojan:Win32/Sirefef.P is also known as Win32/Sirefef.DK, Trojan.Win32.Jorik.ZAccess.qe, FakeAlert-GA.gen.r, Trojan.Gen.2, Cryp_FakeAV-56.

Explanation :

Trojan:Win32/Sirefef.P is a trojan component of Win32/Sirefef - a multi-component family of malware that disturbs your Internet experience by changing search results, and generates pay-per-click advertising revenue for its controllers. The family consists of multiple parts that do different functions, like downloading updates and additional components, hiding existing components, or running payload routines.

Installation

Trojan:Win32/Sirefef.P is installed by other malware and may have the file name wpbt0.dll. The trojan component is responsible for downloading other malicious components.

In the wild, we have observed some variants of Trojan:Win32/Sirefef.P installed with other malware, including those detected as Win32/Vobfus and Win32/Cycbot.

Analysis by Jireh Sanico

Last update 30 April 2019

 

TOP