Win32:Kukacka

Posted: January 19, 2012

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	4,517
Threat Level:	2/10
Infected PCs:	7,710

First Seen:	January 19, 2012
Last Seen:	October 15, 2023
OS(es) Affected:	Windows

Win32:Kukacka is a Trojan that can be briefly summed up as a Trojan that is more than able to negatively shake things up on infected computers. This Trojan has been depicted in a variety of computer security reports as a type of detection technology. According to reports – in addition to statements generated by affected computer users and a variety of computer security experts – as a sort of detection technology, Win32:Kukacka is reported to not correctly clean a number of objects and additionally, it has been revealed that this Trojan may be used to reveal a huge variety of risks via specific behavior components.

This Trojan possesses the ability to modify all sorts of system settings – which can result in a very noticeable negative impact on infected machines, especially in terms of the integrity of compromised systems' security environments. A number of most prominently reported symptoms that have associated with Win32:Kukacka are that this Trojan may result in frustrating browser redirects – especially in Google search engines – users being blocked from being able to access a myriad of websites, a dramatic decrease in overall system performance, additional malware-laced security incursions (e.g. rogue security applications, worms, other Trojans, etc.), as well as a number of distinct periods in which Win32:Kukacka actively downloads various bits of content that Win32:Kukacka installs and/or stores on infected computers.

Alternate Names Utilized by Win32:Kukacka

Win32:Kukacka has a very large number of aliases that Win32:Kukacka can utilize to infect and circulate under. Win32:Kukacka is definitely able to function under any one of its innumerable aliases, and as such, this Trojan is not only able to circulate across the Internet under any one of its aliases, but there is also a very reasonable possibility that Win32: Kukacka may be identified and detected on an infected machine by the system's security software under any number of this Trojan's corresponding aliases. The following list details a number of alternate names that may be utilized by this threat on infected computers:
– Win32/Sality (AVG)
– Win32:Sality (Avast)
– W32.Sality.AE (Symantec)
– W32/Sality.AA (Panda)
– W32/Sality.gen (TheHacker)
– Mal/Sality-D (Sophos)
– Malware.Sality (PCTools)
– Virus.Win32.Sality.Gen (Comodo)
– VirTool:Win32/VBInject.gen!DA (Microsoft)
– Backdoor.Win32.IRCBot.gxj (Kaspersky)
– Backdoor.Win32.mIRC-based (Ikarus)
– Worm.Win32.Neeris (Ikarus)

Regardless of the particular given alias that Win32:Kukacka may attempt to circulate your machine under, this Trojan is a threat that needs to be removed from your infected machine as soon as is possible. Win32:Kukacka has been diagnosed as a serious Trojan that can wreck all sorts of data on those unlucky computer systems that fall prey to this malicious computer threat. As such, be sure that you remove Win32:Kukacka quickly before Win32:Kukacka has had the chance to really sink its claws into your machine.

More About Win32:Kukacka

Once Win32:Kukacka has managed to infect a targeted computer system, this Trojan begins to initiate or take part in a variety of corrupt practices and activities that can seriously harm your vulnerable machine. For instance, upon infecting a targeted machine, Win32:Kukacka will begin to work towards corrupting and compromising the infected system's SafeBoot registry keys (referencing registry keys located in all Windows-based computer systems' Windows registries). Why does Win32:Kukacka pursue this milestone? According to analysis completed on this Trojan, Win32:Kukacka hopes to compromise an infect computer's SafeBoot registry keys because doing so is known to result in the disabling of the Safe Mode boot option on the affected machine.

Another such example is that, if your computer system has been breached by Win32:Kukacka, this malicious Trojan will automatically work towards ensure that your system's drive is set to auto play. Win32:Kukacka does this by generating the corrupt file autorun.inf and then, storing this infected file in the root directory of compromised machines. This particular manifestation of a Win32:Kukacka breach and infection is noteworthy because, if a compromised computer is connected over a network, this particular penchant can result in a rapid-fire propagation and distribution of this Trojan; this particular capability can mean that, if one machine connected over a network of systems is compromised, Win32:Kukacka may be able to infect each and every one of the computer connected over the network.

Technical Details

Additional Information

The following URL's were detected:

omnatuor.com