Trojan.Crypt.XPACK
Posted: May 10, 2008
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 841 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | December 16, 2022 |
| OS(es) Affected: | Windows |
Trojan.Crypt.XPACK is a malicious Trojan parasite that infiltrates your computer system via security exploits. Once installed on your PC, this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization. Trojan.Crypt.XPACK also enables a remote hacker to take complete control of your computer. This malware can log your typed keystrokes and send confidential personal and financial data (including banking information, credit card numbers, and website passwords) to a remote hacker.
Aliases
Heuristic.LooksLike.Win32.SuspiciousPE.F [McAfee-GW-Edition]PAK_Generic.009 [TrendMicro]PCK/ExeCryptor [AntiVir]Heur.Pck.EXECryptor [Comodo]PUA.Packed.EXECryptor [ClamAV]WS.Reputation.1 [Symantec]Trojan/Win32.Trojan Horse [AhnLab-V3]Virus/Win32.Xorer.gen [Antiy-AVL]Generic12.BEID [AVG]Heuristic.LooksLike.Win32.Suspicious.J [McAfee-GW-Edition]UnclassifiedMalware [Comodo]Trojan.Generic.1136884 [BitDefender]Win32.TrojanHorse [eSafe]TrojWare.Win32.Agent.~N15 [Comodo]Mal/Behav-365 [Sophos]
More aliases (448)
More aliases (448)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%LOCALAPPDATA%\ctlodbcmulti\ctlodbcmulti.dll
File name: ctlodbcmulti.dllSize: 69.63 KB (69632 bytes)
MD5: 2be5ee1d1a1b68e8ff5f2de360cadbc9
Detection count: 145
File type: Dynamic link library
Mime Type: unknown/dll
Path: %LOCALAPPDATA%\ctlodbcmulti
Group: Malware file
Last Updated: September 28, 2010
svohost.exe
File name: svohost.exeSize: 273.92 KB (273920 bytes)
MD5: b0f3ec8dff2f0dbad64098b0fca9ab7a
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
svohost.exe
File name: svohost.exeSize: 283.13 KB (283136 bytes)
MD5: 518511bf2b3d5a17f28d03151429a1a9
Detection count: 95
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
svohost.exe
File name: svohost.exeSize: 283.64 KB (283648 bytes)
MD5: 50837623c0b196ac0310aa4274c06adb
Detection count: 94
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
svohost.exe
File name: svohost.exeSize: 287.23 KB (287232 bytes)
MD5: 9f8592d59e8ae54734e95b8fee21e6b1
Detection count: 93
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
mspdb22.dll
File name: mspdb22.dllSize: 50.17 KB (50176 bytes)
MD5: eb1682a3b67f82dd66a17f6b5007fcbe
Detection count: 86
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: February 12, 2010
fyphmedqaf.exe
File name: fyphmedqaf.exeSize: 16.38 KB (16384 bytes)
MD5: a2385047288aca47ddfb925cb0d99f20
Detection count: 83
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 23, 2010
svchast.exe
File name: svchast.exeSize: 416.25 KB (416256 bytes)
MD5: b6e42e411ba4d3675cc87c5ac8cb6629
Detection count: 74
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
ctfmon.exe
File name: ctfmon.exeSize: 280.06 KB (280064 bytes)
MD5: 4d8f528130819de162440354e97d9ea7
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 21, 2010
extrac64_cab.exe
File name: extrac64_cab.exeSize: 729.08 KB (729088 bytes)
MD5: 8d0dae49399a31085d19e89d68ff6229
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 3, 2010
winlock.exe
File name: winlock.exeSize: 1.8 MB (1802985 bytes)
MD5: 6e94a82fc83bdc050dd3e871285c6826
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
wanps.exe
File name: wanps.exeSize: 87.67 KB (87672 bytes)
MD5: 5f90a89b6dc7b269c70a4e26e3c4d849
Detection count: 46
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
%WINDIR%\system32\svchost.exe:ext.exe
File name: svchost.exe:ext.exeSize: 48.12 KB (48128 bytes)
MD5: ef7f63bd5c74aafea93b15f8e131e9a1
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\system32
Group: Malware file
Last Updated: September 23, 2010
%PROGRAMFILES%\MZA\Smart\ActivationCRK.exe
File name: ActivationCRK.exeSize: 619 KB (619008 bytes)
MD5: e8c8d3a7d962351613082ab01ac96d82
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\MZA\Smart
Group: Malware file
Last Updated: July 9, 2020
DIL3E5.tmp
File name: DIL3E5.tmpSize: 8.19 KB (8192 bytes)
MD5: 2d9619b79fc727029feb2a750461aa07
Detection count: 13
File type: Temporary File
Mime Type: unknown/tmp
Group: Malware file
Last Updated: December 11, 2009
%WINDIR%\WHidePro\whpro.exe
File name: whpro.exeSize: 4.6 KB (4608 bytes)
MD5: 8ddd4045e82038d14fe5671a4148c955
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\WHidePro
Group: Malware file
Last Updated: February 14, 2011
protectgb.exe
File name: protectgb.exeSize: 443.39 KB (443392 bytes)
MD5: 04459ffe381e8bea196cf9f5b33f9c9b
Detection count: 6
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 1, 2010
More files
I understand well the first 3 steps with the Read More. I know what is a DM5, but step 4 is quite obscure (what has to be done?) and should have a Read More.