
Troj/BredoZp-S

Posted: October 16, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 740
First Seen: October 16, 2012
Last Seen: March 15, 2022
OS(es) Affected: Windows

Troj/BredoZp-S is a generic detection name for a malicious ZIP archive that delivers malware, most commonly Trojans from the Bredo family. E-mail messages carrying Troj/BredoZp-S pose as notifications from DHL Express, complete with tracking numbers and a layout reminiscent of that company's genuine correspondence. SpywareRemove.com malware research team warns that Bredo Trojans can carry out a range of attacks, including spreading through removable devices, opening backdoors and installing other malware (particularly rogue security programs). Because the latest observed Troj/BredoZp-S attacks are quite recent, you should keep your anti-malware protection fully updated so that it can detect and delete Troj/BredoZp-S when necessary.

Troj/BredoZp-S Takes the DHL Express to Your Hard Drive with Bad Intentions in Mind

Troj/BredoZp-S is one of the most recent Trojan carriers to use fake DHL e-mails to reach new victims; other examples of malware using the same lure include Win32/Cbeplay.P, Troj/Agent-WMO and even Zeus variants such as Troj/Zbot-BWI. E-mail messages carrying Troj/BredoZp-S pretend to be shipping notifications from DHL and urge you to open the attached file for details of the transaction. Although the attachment is crafted to look like a PDF (its name carries a double extension, .pdf.zip), SpywareRemove.com malware analysts have found Troj/BredoZp-S to be a ZIP archive.

Once you open the archive and run the file inside it, the payload installs without any visible symptoms of the attack. Anti-malware products may detect Troj/BredoZp-S under other names, including Packed.Win32.Krap.x or Win32.Outbreak. SpywareRemove.com malware experts also emphasize that Troj/BredoZp-S is only a detection label for the ZIP archive; the malware it installs may be any of a number of different PC threats.
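A practical triage check that follows from the description above, added here as an example and not code from the original page or from SpywareRemove.com: a small Python routine that flags the tells this lure relies on, a document-looking name with a second extension, bytes that do not match the claimed file type, and an archive whose members are executables (by extension or by their MZ header). The archive it inspects is constructed inline (an "MZ"-headed stub, not a real Troj/BredoZp-S specimen); the member name, the extension lists and the severity labels are the example's own assumptions.

```python
import io
import zipfile
from dataclasses import dataclass
from typing import List

# Magic bytes for the file types this check distinguishes.
ZIP_MAGIC = b"PK\x03\x04"   # local file header of a ZIP archive
PE_MAGIC = b"MZ"            # DOS stub that opens every Windows PE executable
PDF_MAGIC = b"%PDF"

# Assumed extension lists; extend them to match your own mail gateway policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar"}
DOCUMENT_EXTS = {".pdf", ".doc", ".xls", ".txt"}


@dataclass
class Finding:
    severity: str   # "high" or "medium" (assumed labels)
    detail: str


def _exts(name: str) -> List[str]:
    """All dot-suffixes of a name, lowercased: 'a.pdf.zip' -> ['.pdf', '.zip']."""
    parts = name.lower().split(".")
    return ["." + p for p in parts[1:]] if len(parts) > 1 else []


def triage_attachment(filename: str, data: bytes) -> List[Finding]:
    """Return the suspicious traits of an e-mail attachment; an empty list means none found."""
    findings: List[Finding] = []
    exts = _exts(filename)

    # 1. Double extension: looks like a document, actually ends in something else.
    if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS and exts[-1] not in DOCUMENT_EXTS:
        findings.append(Finding("medium", f"double extension: {filename}"))

    # 2. Name/content mismatch: claims to be a PDF but does not start like one.
    if exts and exts[-1] == ".pdf" and not data.startswith(PDF_MAGIC):
        findings.append(Finding("medium", f"named .pdf but bytes are not a PDF: {filename}"))

    # 3. ZIP container: look at each member's name and first two bytes only.
    #    Reading two bytes keeps a decompression bomb from being fully inflated.
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.is_dir():
                        continue
                    member_exts = _exts(info.filename)
                    with zf.open(info) as fh:
                        head = fh.read(2)
                    if member_exts and member_exts[-1] in EXECUTABLE_EXTS:
                        findings.append(Finding("high", f"executable member: {info.filename}"))
                    if head == PE_MAGIC:
                        findings.append(Finding("high", f"PE header (MZ) in member: {info.filename}"))
                    if len(member_exts) >= 2 and member_exts[-2] in DOCUMENT_EXTS:
                        findings.append(Finding("medium", f"double extension inside archive: {info.filename}"))
        except zipfile.BadZipFile:
            findings.append(Finding("medium", f"malformed ZIP archive: {filename}"))
    return findings


def build_sample_lure() -> bytes:
    """Constructed sample for the demo: a ZIP holding an 'MZ'-headed stub named like a PDF.
    This is NOT a real Troj/BredoZp-S specimen; the stub is not a runnable program."""
    stub = PE_MAGIC + b"\x00" * 62 + b"constructed stub, not a real executable"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("DHL_Express_Processing_complete.pdf.exe", stub)  # assumed member name
    return buf.getvalue()


if __name__ == "__main__":
    for f in triage_attachment("DHL_Express_Processing_complete.pdf.zip", build_sample_lure()):
        print(f"[{f.severity}] {f.detail}")
```

On the constructed lure this reports four findings: the outer .pdf.zip double extension, the executable member, its MZ header and the member's own .pdf.exe double extension. A genuine PDF attachment named invoice.pdf produces none. The check only inspects headers and names; it does not replace a scanner, but it is enough to quarantine this class of "shipping notification" lure at a mail gateway before anyone extracts it.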

When Trusting in Fake DHL Shipments Comes Back to Haunt You

Troj/BredoZp-S attacks can result in a range of different infections, although SpywareRemove.com malware experts have found that the most likely payload is a member of the Bredo family of Trojans. Functions that are often associated with Bredo infections include:

  • The installation of rogue security programs from the WinWebSec or FakeSysdef families. Scamware programs from these families display fake system alerts, pop-ups and scans to convince you to purchase their faulty software.
  • The installation of backdoor Trojans (high-level security threats that open connections with remote servers and evade network security features).
  • Unauthorized contact with C&C servers that enable criminals to access and control the infected PC. This can lead to additional system damage, loss of control over your computer, theft of information or the installation of other malware.
  • Proxy server-based attacks that hijack your browser's information transactions for the purpose of stealing sensitive data.

Identifying and deleting Troj/BredoZp-S e-mails will save you the headache of dealing with Troj/BredoZp-S's payload. If you do need to remove the aftermath of a Troj/BredoZp-S attack, SpywareRemove.com malware researchers recommend suitable security software for doing so.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

File name: DHL_Express_Processing_complete.pdf.zip
Mime Type: unknown/zip
Group: Malware file