Poweliks
Posted: November 4, 2014
Threat Metric
The fields listed on the Threat Meter are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criterion for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 17,088 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 176 |
| First Seen: | September 17, 2014 |
| Last Seen: | September 25, 2023 |
| OS(es) Affected: | Windows |
Poweliks is a family of backdoor Trojans that has seen extensive use in both non-targeted attacks against the public and targeted ones against specific corporate and government entities. Along with its standard backdoor attacks that grant third parties a high degree of access to an infected PC, Poweliks is also notable for its stealth-based installation structure, which makes visual identification of its components particularly difficult. As is usually the case, malware researchers continue to recommend using anti-malware protection to identify or remove Poweliks and similar Trojans from any computer.
Poweliks: a Case in Backdoor Campaigns with Indiscriminate Targets
Poweliks Trojans have been used in a variety of circumstances, with their distribution models often involving compromised (or outright threatening) websites hosting compromised scripts. Other attempts to install Poweliks Trojans have used e-mail messages with file attachments that exploit vulnerabilities in Adobe or Microsoft software. The latter especially is a thematic hallmark of Axiom and other 'professional' hostile organizations that target corporations, non-profit organizations and even various governments. However, even casual PC users are at risk of Poweliks infections as of 2014.
Many versions of Poweliks Trojans use a combination of Registry-based entries and the exploitation of legitimate software, such as PowerShell, to prevent themselves from being detected. Since Poweliks may have no threatening files that are visible on the victim's hard drive, both casual detection attempts and efforts by outdated security software easily could fail.
With a successful installation, Poweliks may be used to download more threats besides itself. Poweliks also may change your system settings, disable security features, upload files taken from your computer or monitor your PC's activities for information (such as passwords) worth stealing.
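One way to triage the Registry-based entries described above, as an added example that is not from the original page or from any vendor tool: it assumes autorun values have already been exported as (key, value name, command) tuples, and the rule names, length threshold and sample entries are constructed for illustration.

```python
import re

# Heuristics for autorun values that run inline script through a legitimate
# Windows binary instead of pointing at a file on disk (illustrative, not exhaustive).
RULES = [
    # -e, -ec, -enc ... -EncodedCommand, but not -ExecutionPolicy
    ("powershell-encoded", re.compile(r"powershell(\.exe)?\b.*\s-e(c|n\w*)?\s", re.I)),
    ("powershell-hidden", re.compile(r"powershell(\.exe)?\b.*-w(indowstyle)?\s+hidden", re.I)),
    ("script-url-handler", re.compile(r"\b(rundll32|mshta)(\.exe)?\b.*\b(javascript|vbscript):", re.I)),
]
MAX_COMMAND_LEN = 512  # assumed threshold: a very long value may hold a whole script


def triage_autoruns(entries):
    """Return one finding per suspicious (key, value_name, command) tuple."""
    findings = []
    for key, name, command in entries:
        reasons = [label for label, rx in RULES if rx.search(command)]
        if len(command) > MAX_COMMAND_LEN:
            reasons.append("oversized-value")
        # Value names with non-printable characters are hard to inspect in GUI tools.
        if any(not ch.isprintable() for ch in name):
            reasons.append("unprintable-value-name")
        if reasons:
            findings.append({"key": key, "name": name, "reasons": reasons})
    return findings


# Constructed sample data; payloads are placeholders, not real commands.
RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE = [
    (RUN, "OneDrive", r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    (RUN, "Updater", "powershell.exe -NoProfile -WindowStyle Hidden -enc <BASE64-PLACEHOLDER>"),
    (RUN, "\x00a", 'rundll32.exe javascript:"<SCRIPT-PLACEHOLDER>"'),
    (RUN, "Backup", r"powershell.exe -ExecutionPolicy Bypass -File C:\Scripts\backup.ps1"),
]

if __name__ == "__main__":
    for finding in triage_autoruns(SAMPLE):
        print(repr(finding["name"]), finding["key"], ", ".join(finding["reasons"]))
```

A hit is a lead for review rather than a verdict: legitimate administration scripts can also start PowerShell from an autorun value, as the unflagged "Backup" entry shows for the file-based case.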
Having the Power to Eject a Poweliks Trojan
When the third parties commanding Poweliks Trojans are less than cautious about hiding their attacks, Poweliks may show up as processes using excessive memory, cause poor system performance or create other symptoms that alert its victims. Although these cases may result in difficulty with using other applications, using Task Manager (or similar memory-management tools) can give you an immediate view of the processes most likely to correspond with Poweliks's attacks. However, when used by third parties intent on concealing the evidence of a Poweliks infection, Poweliks may show no symptoms at all. Updating and then running your anti-malware applications will offer the most dependable means of deleting Poweliks, or of determining whether Poweliks is on your PC in the first place.
Hoaxes known for Poweliks distribution include e-mail messages referencing postal service receipts or invoices. These tactics are easily identifiable by their requests for the victim to launch a file attachment, which is a blatant security risk that malware experts recommend avoiding in all circumstances. Understanding the difference between legitimate documentation and fraudulent attachments abused by third parties will protect your PC from Poweliks as much as having proper anti-malware protection could manage.
Technical Details
File System Modifications
The following files were created in the system:
file.exe
File name: file.exe
Size: 376.83 KB (376832 bytes)
MD5: 7fdc8ff1a7ccaffa8106ef8d1ce38ecf
Detection count: 90
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 5, 2014
file.exe
File name: file.exe
Size: 75.77 KB (75776 bytes)
MD5: a4ce3481d479362fb0f57b6b8a11d0a2
Detection count: 59
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 5, 2014
file.exe
File name: file.exe
Size: 147.96 KB (147968 bytes)
MD5: bddea208f612c06322c21def1546182b
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 11, 2014
file.exe
File name: file.exe
Size: 364.48 KB (364484 bytes)
MD5: 7791dd18bf586c6d551230d984aeb350
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 5, 2014
file.exe
File name: file.exe
Size: 71.68 KB (71680 bytes)
MD5: 0181850239cd26b8fb8b72afb0e95eac
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 10, 2020