Mal/VB-AER
Posted: July 18, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 9/10 |
---|---|
Infected PCs: | 63 |
First Seen: | July 18, 2012 |
---|---|
OS(es) Affected: | Windows |
Also, known by the alias Gen:Variant.Barys.2763, Mal/VB-AER is a PC threat that's distributed in fake e-mail messages that pretend to display photographs of an acquaintance. Strongly echoing an earlier spamming campaign that distributes the Trojan dropper Mal/Behav-043 under similar pretenses, Mal/VB-AER e-mail messages appear to be targeting primarily Francophiles although their French is clumsily-written and appears to have been created with a little help from translator tools. Opening the enclosed .zip file will infect your PC with Mal/VB-AER along with a Zbot variant that may steal bank-related information. Given the definite probability of a Mal/VB-AER infection including highly-invasive PC threats along with Mal/VB-AER, SpywareRemove.com malware research team underscores the usefulness of having anti-malware programs that can scan your PC for any and all types of malicious software and delete Mal/VB-AER safely and completely.
Why Prudishness Could Save Your PC from a Mal/VB-AER Savaging
Mal/VB-AER is a Visual Basic-coded executable file that uses e-mail spam to infect other computers. Mal/VB-AER e-mails are identifiable by their inclusion of a password-protected .zip file attachment, which contains Mal/VB-AER and a Zbot variant that may be detected as Troj/ZbotMem-B. The latter is especially noteworthy as a PC threat that specializes in stealing personal information, particularly information that's associated with online bank accounts. Current Mal/VB-AER e-mail campaigns use clumsily-phrased French messages to make it seem like the file attachment actually is a series of pictures sent by a known friend. The password is included on the main text (the body) and is a detail that hearkens back to previous spam campaigns in English, such as Troj/Agent-REX spam campaigns (also noteworthy as a form of spyware).
Obviously, declining this file attachment and deleting the e-mail right away can protect your PC from a potential Mal/VB-AER infection, although you may prefer to use anti-malware software to detect Mal/VB-AER and similar PC threats as they're downloaded. Mass-mailed e-mail messages that distribute malicious links and files like Mal/VB-AER are a typical source of exposure to many types of PC threats. Additionally, the fact that Mal/VB-AER's zip file is encrypted may impede its identification by some brands of anti-malware scanners. SpywareRemove.com malware researchers also recommend that you download any available updates for your software if you prefer to download and scan potential Mal/VB-AER files given that Mal/VB-AER was defined as a PC threat in the middle of this month.
Cracking into the Core of Mal/VB-AER's Features
Once you get past its premise of being saucy picture files, Mal/VB-AER is identifiable as a Trojan dropper that may also include backdoor features. Features of a typical Mal/VB-AER attack that SpywareRemove.com malware experts have considered worth notice are noted below:
- Mal/VB-AER will place other malicious files on your PC, potentially in multiple locations.
- Mal/VB-AER will modify Outlook Express files without your consent (potentially as part of spam distribution attacks or attempts to harvest e-mail addresses).
- Mal/VB-AER will remove cookies from Internet Explorer, a common attack that's often associated with password-stealing spyware that snatch private information once you reenter it.
- Mal/VB-AER will modify other Internet Explorer settings to reduce your web-browsing security against online attacks.
Many of these issues use the Windows Registry, and SpywareRemove.com malware researchers recommend repairing your Registry after deleting Mal/VB-AER in a scan, if your anti-malware software is incapable of doing so itself.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:DC24154.exe
File name: DC24154.exeSize: 300.87 KB (300872 bytes)
MD5: 4c699216537e50a9db96a0b35ebc17b7
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: July 19, 2012
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.