Mal/Krap-H
Mal/Krap-H is a banking Trojan that uses malicious stealth tactics to download other harmful files from the Internet. Mal/Krap-H can disable firewalls and steal sensitive financial data like credit card numbers and online banking login details. Mal/Krap-H also takes screen snapshots and download additional components before providing a hacker with the remote access to the compromised system. Mal/Krap-H contains all the characteristics of an identified security risk and should be terminated immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\0019.DLL 2 %System%\sdra64.exe 3 %System%\sshnas.dll 4 %System%\WORK.DAT 5 %Temp%\sshnas.dll 6 %Windir%\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job 7 %Windir%\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job 8 %Windir%\Temp\3.tmp 9 %Windir%\Temp\a.exe 10 %Windir%\Temp\b.exe 11 %Windir%\Temp\c.exe 12 %Windir%\Temp\d.exe 13 %Windir%\Temp\e.exe 14 %Windir%\Temp\f.exe 15 %Windir%\Temp\sshnas.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.