Wayphisher
Wayphisher is a trojan designed for phishing purposes and theft of user sensitive information. It tricks the user by sending a web browser from financial web sites to predefined malicious Internet resources with very similar look. Wayphisher creates files, modifies the Windows registry and adds addresses of phishing sites into the computer Hosts file. This prevents the user from accessing legitimate banking sites.
File System Modifications
- The following files were created in the system:
# File Name 1 explorer.dll 2 msupdprx.dll 3 msxml32.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOTMicrosoft.Update.CacheHKEY_CLASSES_ROOTMicrosoft.Update.Cache.1HKEY_LOCAL_MACHINESOFTWAREClassesMicrosoft.Update.ProxyHKEY_LOCAL_MACHINESOFTWAREClassesMicrosoft.Update.Proxy.1 - The following CLSID's were detected:
HKEY..\..\{CLSID Path}A2D5957F-6D1A-44CE-BFBA-D448EAAB87826E28339B-7A2A-47B6-AEB2-46BA53782375A2D5957F-6D1A-44CE-BFBA-D448EAAB87814CF9A0D2-ED75-40CB-98C0-36DF6A30E0406E28339B-7A2A-47B6-AEB2-46BA53782378
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.