Win32/Sefnit [Threat Name]

Win32/Sefnit.CY [Threat Variant Name]

Category trojan
Size 24064 B
Detection created Jun 04, 2014
Detection database version 9895
Aliases Trojan:Win32/Miuref.B (Microsoft)
Short description

The trojan is usually a part of other malware. The trojan has a simple payload.

Installation

The trojan does not create any copies of itself.

Other information

The trojan is a malicious Win32/Sefnit extension/plugin.


The trojan searches for the following Registry entries:

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography]
    • "MachineGuid"

The trojan searches for files which contain any of the following strings in their file name:

  • %malwarefilepathwithoutextension%.txt
  • %malwarefilepathwithoutextension%.idx
  • %malwarefilepathwithoutextension%.lck
  • %malwarefilepathwithoutextension%.dat

The file is then decrypted and executed.
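
For triage, the companion-file pattern above can be hunted on a mounted image or a live file system. The following is an added example, not part of the original description or any vendor tooling; the function names, the set of binary extensions and the `min_companions` threshold are assumptions, and the demo tree is constructed. Same-stem `.txt` or `.dat` files also occur next to legitimate software, so hits are leads to review, not verdicts.

```python
from pathlib import Path
import tempfile

# Companion extensions listed in the description above.
COMPANION_EXTS = (".txt", ".idx", ".lck", ".dat")
# Binary extensions treated as candidate hosts (assumption, not from the page).
BINARY_EXTS = {".exe", ".dll"}
# Size of the analysed sample as stated in the description (24064 B).
SAMPLE_SIZE = 24064

def find_companion_sets(root, min_companions=1):
    """Return one finding per binary under root that has at least
    min_companions siblings named <binary path without extension>.<ext>."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or path.suffix.lower() not in BINARY_EXTS:
            continue
        companions = [path.with_suffix(ext).name for ext in COMPANION_EXTS
                      if path.with_suffix(ext).is_file()]
        if len(companions) >= min_companions:
            findings.append({
                "binary": str(path),
                "companions": companions,
                # Extra signal only: other builds may differ in size.
                "size_matches_sample": path.stat().st_size == SAMPLE_SIZE,
            })
    return findings

def build_demo_tree(root):
    """Constructed sample layout: one binary with companions, one without."""
    root = Path(root)
    (root / "a").mkdir()
    (root / "a" / "plugin.dll").write_bytes(b"\0" * SAMPLE_SIZE)
    (root / "a" / "plugin.idx").write_bytes(b"x")
    (root / "a" / "plugin.dat").write_bytes(b"x")
    (root / "b").mkdir()
    (root / "b" / "tool.exe").write_bytes(b"\0" * 10)
    (root / "b" / "readme.txt").write_text("unrelated")  # different stem
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in find_companion_sets(build_demo_tree(tmp)):
            print(finding)
```

Raising `min_companions` reduces noise on hosts where single same-stem data files are common.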
