Home Malware Programs Viruses Malware.Espoleo

Malware.Espoleo

Posted: July 9, 2010

Malware.Espoleo is a malicious computer virus which makes use of Internet Explorer's vulnerabilities to spread. Malware.Espoleo is downloaded stealthily when computer users log on to corrupt websites designed to spread this parasite. Once activated, the targeted system can be used to destroy computer resources. Remove Malware.Espoleo as soon as it has been detected.

Aliases

Virus.Win32.Agent.z (Kaspersky Lab)
W32/Espoleo.a (McAfee)
PE_ESPOLEO.A (Trend Micro)
W32/Espoleo-A (Sophos)
Virus:Win32/Espoleo.B (Microsoft)
Win32/Espoleo (AhnLab)

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %System%\winlogon.exe.dll
    2 %Temp%\d.dll
    3 %Windir%\Temp\d.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ServiceCurrent][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ServiceCurrent]
Loading...