Suspicious.cloud.5

Posted: January 19, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	14,627
Threat Level:	2/10
Infected PCs:	31,717

First Seen:	January 19, 2012
Last Seen:	August 8, 2023
OS(es) Affected:	Windows

Suspicious.cloud.5 is a label for PC threats that are based on programs that have been maliciously altered in some way (AKA 'morphed' or 'mutated') while still lacking many of the characteristics of traditional PC threats. Because this label has sometimes been known to produce false positives, SpywareRemove.com malware researchers recommend that you manually check any Suspicious.cloud.5 suspects before you use anti-malware software to remove files that are associated with Suspicious.cloud.5. Suspicious.cloud.5 may be classified as either a Trojan or a virus due to its nature of code modification, and you should scan your entire PC to catch a potential Suspicious.cloud.5 infection if you suspect that Suspicious.cloud.5 has altered a file or program in an undesirable way.

Suspicious.cloud.5 – Fiddling with Your Files Since 2010

Suspicious.cloud.5 was first identified in September of 2010 as a virus-based modification of other files, processes and applications. Because Suspicious.cloud.5 can be applied to many different types of viruses that share its limited set of traits, symptoms of Suspicious.cloud.5 may not be highly-evident or consistent. However, SpywareRemove.com malware experts note that viruses like Suspicious.cloud.5 are sometimes detectable by excessive RAM, CPU and other system resource expenditures by normal processes. These expenditures can be viewed from Task Manager's processes tab, as well as in similar applications that also allow you to view active processes (if Task Manager is blocked or otherwise inaccessible).

Since Suspicious.cloud.5 doesn't possess many of the characteristics that would allow Suspicious.cloud.5 to be traditionally labeled as another form of PC threat, other symptoms from Suspicious.cloud.5 can be minor or even nonexistent. In most cases, using anti-malware applications to find Suspicious.cloud.5 is more practical than trying to detect Suspicious.cloud.5 by yourself, and Suspicious.cloud.5, as a broad group of similar PC threats, also lacks a distinctive propagation method.

Suspicious.cloud.5: A Cloud You Can Feel Free to Wave into Dispersal

Current rates of infections that are related to Suspicious.cloud.5 are reported to be low, and reputable anti-malware companies also note that removal of Suspicious.cloud.5 is relatively easy. However, since code-alteration attacks like those that are exhibited by Suspicious.cloud.5 may also be employed to steal private information, disable your security applications, change your browser's settings or install other PC threats, SpywareRemove.com malware experts recommend that you take Suspicious.cloud.5 seriously and remove Suspicious.cloud.5 if you've verified its malicious nature. Distinct payloads for Suspicious.cloud.5, however, are lacking, since Suspicious.cloud.5, as a general label, may be applied to many types of PC threats that lack shared purposes or functions.

However, in cases of false positives for Suspicious.cloud.5, you can feel free to set Suspicious.cloud.5 as an exception for your anti-malware programs to be ignored. Removal of false positive Suspicious.cloud.5 files is highly likely to cause damage to harmless files or programs, and for this reason, SpywareRemove.com malware experts recommend that you closely examine any Suspicious.cloud.5 alert before you take action against Suspicious.cloud.5 by removing Suspicious.cloud.5.

Aliases

BackDoor.Generic16.ABN [AVG]W32/Simda.C!tr [Fortinet]Backdoor.Win32.Simda [Ikarus]DR/Delphi.Gen8 [AntiVir]Trojan.Rodricter.21 [DrWeb]Trojan.Win32.Inject.evjk [Kaspersky]Artemis!3E967233D5EF [McAfee]Agent_r.BVC [AVG]W32/Foreign.CEBR!tr [Fortinet]Virus.Win32.Vundo [Ikarus]TR/FareitEP.A.10 [AntiVir]Trojan-Ransom.Win32.Foreign.cebr [Kaspersky]Win32:Fareit-EU [Trj] [Avast]PWS-Zbot-FAXY!1A2D26A18DCD [McAfee]Trojan/Win32.Agent [AhnLab-V3]
More aliases (2083)

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

%USERPROFILE%\hysciwygikle.exe

File name: hysciwygikle.exe
Size: 41.47 KB (41472 bytes)
MD5: d6d218c1a932495420c5371584594ba3
Detection count: 302
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: June 12, 2014

%TEMP%\Low\wpbt0.dll

File name: wpbt0.dll
Size: 96.25 KB (96256 bytes)
MD5: f09754f289d01c5f54e8e52894f5f410
Detection count: 81
File type: Dynamic link library
Mime Type: unknown/dll
Path: %TEMP%\Low
Group: Malware file
Last Updated: April 29, 2013

%USERPROFILE%\dxfkdiog.exe

File name: dxfkdiog.exe
Size: 105.98 KB (105984 bytes)
MD5: 12451c0bb294dc455e0b49aad491c1c1
Detection count: 75
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: May 2, 2013

%USERPROFILE%\6755868.exe

File name: 6755868.exe
Size: 90.11 KB (90112 bytes)
MD5: 65566caa7c85b30732bf85f0542ab377
Detection count: 32
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: May 13, 2013

%USERPROFILE%\xumydridqylr.exe

File name: xumydridqylr.exe
Size: 41.47 KB (41472 bytes)
MD5: 45f0be3046082e97e098f2236a32ff37
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: February 13, 2014

%USERPROFILE%\Application Data\temp1.exe

File name: temp1.exe
Size: 328.7 KB (328704 bytes)
MD5: 56b849924b6fb69079792b47583a5826
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Application Data
Group: Malware file
Last Updated: March 27, 2016

%WINDIR%\system32\lvysvbqvgoty.exe

File name: lvysvbqvgoty.exe
Size: 47.61 KB (47616 bytes)
MD5: ac8b37e9ef7f735d9e62449a4684b205
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: May 8, 2013

%LOCALAPPDATA%\KB3237683\KB3237683.exe

File name: KB3237683.exe
Size: 130.57 KB (130576 bytes)
MD5: 79846904d8dc906ed0135a98d0f15ff6
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\KB3237683
Group: Malware file
Last Updated: April 29, 2013

%USERPROFILE%\dxkaepsp.exe

File name: dxkaepsp.exe
Size: 205.82 KB (205824 bytes)
MD5: e49e17d05aee81145b27fec6ec027ba0
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: May 8, 2013

%WINDIR%\system32\ciphtend.exe

File name: ciphtend.exe
Size: 271.36 KB (271360 bytes)
MD5: cc109d875fd3c0603fda363a01e811e3
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: April 22, 2013

%USERPROFILE%\sicasisyhifh.exe

File name: sicasisyhifh.exe
Size: 41.47 KB (41472 bytes)
MD5: 564ed9964355e7c1d07853546f40a338
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: August 21, 2014

%SystemDrive%\Users\<username>\AppData\Local\Temp\webyeryb3460vavaw.exe

File name: webyeryb3460vavaw.exe
Size: 87.04 KB (87040 bytes)
MD5: 7c2417a93b410dfcde8d0bff76d00e10
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Local\Temp
Group: Malware file
Last Updated: April 22, 2013

%COMMONPROGRAMFILES%\894fy894yt98.{2227A280-3AEA-1069-A2DE-08002B30309D}\ofvjkphyr.exe

File name: ofvjkphyr.exe
Size: 329.21 KB (329216 bytes)
MD5: 44f92aa0c467bebf1afd472ebf3c6bc8
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %COMMONPROGRAMFILES%\894fy894yt98.{2227A280-3AEA-1069-A2DE-08002B30309D}
Group: Malware file
Last Updated: April 29, 2013

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\780b5df8fda898f39851917d8a235940.exe

File name: 780b5df8fda898f39851917d8a235940.exe
Size: 116.22 KB (116224 bytes)
MD5: 614a07eef02f4be374f676d001768583
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: May 15, 2013

%WINDIR%\SysWOW64\config\systemprofile\alg.exe

File name: alg.exe
Size: 133.63 KB (133632 bytes)
MD5: 90f0e823e72ef79d96bad92ca34264a4
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\SysWOW64\config\systemprofile
Group: Malware file
Last Updated: May 13, 2013

%USERPROFILE%\4586202.exe

File name: 4586202.exe
Size: 111.1 KB (111104 bytes)
MD5: 1a2d26a18dcdf170010bc9ced7c94c5e
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: May 15, 2013

%APPDATA%\Q3w79.exe

File name: Q3w79.exe
Size: 813.05 KB (813056 bytes)
MD5: 3e967233d5efc7019b6b591d07226b75
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: July 14, 2013

RANDOM CHARACTERS.exe

File name: RANDOM CHARACTERS.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

C:\Users\<username>\Documents\MSDCSC\[RANDOM CHARACTERS].exe

File name: C:\Users\<username>\Documents\MSDCSC\[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

More files