Win32/Brof [Threat Name] go to Threat

Win32/Brof.B [Threat Variant Name]

Category virus
Aliases Virus.Win32.Kenfa.a (Kaspersky)
  W32.Kenfa (Symantec)
  W32/Kenfa.cmp.a (McAfee)
Short description

Win32/Brof.B is a virus that encrypts files on local drives.

Payload information

The virus searches local drives for files with the following file extensions:

  • .exe

When the virus finds a file matching the search criteria, it creates its duplicate.


The file name and extension of the newly created file is derived from the original one.


The following string is prepended: "_" .


The virus encrypts the file content.


The content of the found file is overwritten by the program code of the malware.


The original host executable can be reconstructed when an infected file is run.


The file is then executed.

Other information

The virus may display the following message:

  • There was this boy
  • who had two chlidren
  • with his sisters
  • They were his daughters
  • They were his favourite lovers
  • I got no lips,I got no tounge
  • Where there were eyes there's only space
  • I got no lips, I got no tounge
  • I GOT A BROKEN FACE!

Please enable Javascript to ensure correct displaying of this content and refresh this page.