Win32/Brof [Threat Name] go to Threat
Win32/Brof.B [Threat Variant Name]
Category | virus |
Aliases | Virus.Win32.Kenfa.a (Kaspersky) |
W32.Kenfa (Symantec) | |
W32/Kenfa.cmp.a (McAfee) |
Short description
Win32/Brof.B is a virus that encrypts files on local drives.
Payload information
The virus searches local drives for files with the following file extensions:
- .exe
When the virus finds a file matching the search criteria, it creates its duplicate.
The file name and extension of the newly created file is derived from the original one.
The following string is prepended: "_" .
The virus encrypts the file content.
The content of the found file is overwritten by the program code of the malware.
The original host executable can be reconstructed when an infected file is run.
The file is then executed.
Other information
The virus may display the following message:
- There was this boy
- who had two chlidren
- with his sisters
- They were his daughters
- They were his favourite lovers
- I got no lips,I got no tounge
- Where there were eyes there's only space
- I got no lips, I got no tounge
- I GOT A BROKEN FACE!