Mal/EncPk-AFN
Posted: January 22, 2013
Threat Metric
The fields shown on the Threat Meter, each of which contains a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistently assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criterion for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 9/10 |
---|---|
Infected PCs: | 84 |
First Seen: | January 22, 2013 |
Last Seen: | July 24, 2020 |
OS(es) Affected: | Windows |
Mal/EncPk-AFN is a backdoor Trojan that's distributed to German PC users via spam e-mail messages that pretend to be affiliated with the Lufthansa German Airlines company. Since Lufthansa is a globally recognized company and the single largest airline in Europe, many PC users – particularly those who are expecting to travel shortly – may be tricked into opening the accompanying file attachment, which installs Mal/EncPk-AFN and compromises the security of their computers. Backdoor Trojans like Mal/EncPk-AFN should always be removed as quickly as possible, and SpywareRemove.com malware experts strongly encourage the use of a good anti-malware program for deleting Mal/EncPk-AFN, which may avoid being removed by less thorough methods that would remove normal applications.
Why a Flight on Mal/EncPk-AFN Isn't in the Best Interest of You or Your Computer
Like many Trojans before it, Mal/EncPk-AFN's delivery strategy uses a hefty dose of social engineering: e-mail messages carrying Mal/EncPk-AFN Trojans are formatted to look like communications from Lufthansa Airlines, with the implication being that the enclosed file attachment contains further details on a supposedly booked flight. Mal/EncPk-AFN is enclosed in a ZIP archive (detected as Mal/DrodZp-A), which may hinder the detection methods of simple security programs. SpywareRemove.com malware experts also noted that Mal/EncPk-AFN is misnamed to look like a PDF (Adobe-brand image/text document) file, but is actually an EXE (executable) file. Setting your file-viewing options so that file extensions are not hidden will allow you to see Mal/EncPk-AFN's full name and corresponding file type.
If you choose to open this fake Lufthansa file, your PC will be infected by Mal/EncPk-AFN, which includes the basic functions of a backdoor Trojan. Mal/EncPk-AFN may allow criminals to have a dangerous level of access to your PC, install other malware, disable security-related features or be instructed to make other attacks against your computer.
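The attachment pattern described above (an executable with a document-style name inside a ZIP) can be checked at the mail gateway or on a saved attachment before anyone opens it. The following is an added example, not code from this page or from any vendor named on it; the extension lists and the sample archive (harmless stub bytes) are constructed assumptions.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed lists: extensions Windows runs directly, and document types used as decoys.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def inspect_zip(data: bytes) -> list:
    """Return one finding per archive member that looks like a disguised executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename.replace("\\", "/")).name
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            reasons, magic = [], b""
            if info.flag_bits & 0x1:
                # Password-protected member: the content cannot be read here.
                reasons.append("encrypted member, content not inspected")
            else:
                with archive.open(info) as member:
                    magic = member.read(2)
            if len(suffixes) >= 2 and suffixes[-1] in EXECUTABLE_EXTS and suffixes[-2] in DECOY_EXTS:
                reasons.append("double extension")
            # "MZ" is the first two bytes of every Windows PE/EXE file.
            if magic == b"MZ" and (not suffixes or suffixes[-1] not in EXECUTABLE_EXTS):
                reasons.append("PE header under non-executable name")
            if reasons:
                findings.append({"member": info.filename, "reasons": reasons})
    return findings


def build_sample_zip() -> bytes:
    """Constructed test archive; the first name is the one listed on this page."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Flugsheindetails.PDF.exe", b"MZ" + b"\x00" * 62)  # stub, not a program
        archive.writestr("itinerary.pdf", b"%PDF-1.4\n")                    # ordinary PDF header
        archive.writestr("receipt.pdf", b"MZ" + b"\x00" * 62)               # mislabelled content
    return buf.getvalue()


if __name__ == "__main__":
    for finding in inspect_zip(build_sample_zip()):
        print(finding)
```

The content check catches a renamed executable even when the visible name carries only a document extension, which the name check alone would miss.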
Bailing on Mal/EncPk-AFN's Flight to PC Dysfunctions
The easiest way to avoid a Mal/EncPk-AFN infection is to delete its spam e-mail messages or, at a minimum, scan suspicious file attachments before you choose to open them. If both of these safeguards have failed, you should consider your PC and its corresponding information to be at risk of being compromised by criminals.
Since Mal/EncPk-AFN disguises itself as a Windows file (the often-faked svchost.exe) and may even install other PC threats, the SpywareRemove.com malware research team urges victims of Mal/EncPk-AFN attacks to use anti-malware software to delete Mal/EncPk-AFN infections whenever applicable. Mal/EncPk-AFN may attempt to conceal itself while it attacks your PC and may not display any symptoms that would be visible to the eye – other than the often-minor resource allocation that always occurs during the presence of unwanted software.
Although current Mal/EncPk-AFN attacks target German PC users, SpywareRemove.com malware experts also warn that Mal/EncPk-AFN is compatible with PCs based in other countries. Likewise, similar but distinct spam e-mail attacks also have been known to target countries throughout the world.
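For triage of a suspect profile directory, the indicators this page gives (the two MD5 values, the Startup-folder executable and the svchost.exe disguise) can be combined into one sweep. This is an added example, not code from this page or from SpyHunter; it generalizes the single svcnost.exe name to any near-miss spelling of svchost.exe, and the edit-distance threshold of 2 and the demo directory tree are constructed assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

# MD5 values copied from this page's "File System Modifications" list.
PAGE_MD5 = {"311adc8c829cb40feb9af61c0f32b2e3", "eca782c54108f78b064dfcfc073dbb36"}
GENUINE = "svchost.exe"


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings of svchost.exe."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(root: Path, system_dir: Path) -> list:
    """Walk root and return (path, reason) pairs for files matching the indicators."""
    hits = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        name = path.name.lower()
        # MD5 is used only to match published indicators, not as a security control.
        digest = hashlib.md5(path.read_bytes(), usedforsecurity=False).hexdigest()
        if digest in PAGE_MD5:
            hits.append((str(path), "MD5 listed on page"))
        distance = edit_distance(name, GENUINE)
        if distance == 0 and system_dir not in path.parents:
            hits.append((str(path), "svchost.exe outside system directory"))
        elif 0 < distance <= 2:
            hits.append((str(path), "look-alike of svchost.exe"))
        if path.parent.name.lower() == "startup" and name.endswith(".exe"):
            hits.append((str(path), "executable in Startup folder"))
    return hits


def demo() -> list:
    """Constructed tree of placeholder files; returns the reasons that fired."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel in ("AppData/xvep/svcnost.exe", "System32/svchost.exe",
                    "AppData/Startup/YOUTUBE.PLAYER.exe", "AppData/notes.txt"):
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_bytes(b"placeholder")
        return [reason for _, reason in triage(root, root / "System32")]
```

On a real host, call `triage` with the user's `%APPDATA%` directory as `root` and the Windows system directory as `system_dir`; a Startup-folder hit is a lead to review, since legitimate software also places executables there.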
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:

%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\YOUTUBE.PLAYER.exe
File name: YOUTUBE.PLAYER.exe
Size: 58.2 KB (58203 bytes)
MD5: 311adc8c829cb40feb9af61c0f32b2e3
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: October 21, 2014

%APPDATA%\xvep2rzrsaggjjx32clnnpjxfwls3sac2\svcnost.exe
File name: svcnost.exe
Size: 94.58 KB (94585 bytes)
MD5: eca782c54108f78b064dfcfc073dbb36
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\xvep2rzrsaggjjx32clnnpjxfwls3sac2
Group: Malware file
Last Updated: January 28, 2014

Flugscheindetails.zip
File name: Flugscheindetails.zip
Mime Type: unknown/zip
Group: Malware file

Flugsheindetails.PDF.exe
File name: Flugsheindetails.PDF.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Additional Information
# | Message |
---|---|
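1 | Falls Sie diese Reiseinformation nicht oder nur teilweise lesen konnen, offnen Sie bitte die angehangte PDF-Version. Bitte antworten Sie nicht auf diese E-Mail. Direkt-Antworten an den Absender konnen nicht bearbeitet werden. Um mit Lufthansa in Kontakt zu treten, rufen Sie bitte den Hilfe & Kontakt-Bereich auf www.lufthansa.com auf. Flugscheindetails & Reiseinformationen in der beigefugten Datei * Den Passenger Receipt (Rechnungsbeleg) erhalten Sie durch einen Klick auf die Flugscheinnummer bis 30 Tage nach Reisebeginn. (English translation: If you cannot read this travel information, or can only partially read it, please open the attached PDF version. Please do not reply to this e-mail. Direct replies to the sender cannot be processed. To contact Lufthansa, please visit the Help & Contact area at www.lufthansa.com. Ticket details & travel information in the attached file * You can obtain the Passenger Receipt (invoice receipt) by clicking on the ticket number up to 30 days after the start of travel.) |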