
Sality.AM!corrupt

Posted: June 22, 2011

Threat Metric

Threat Level: 8/10
Infected PCs: 162
First Seen: June 22, 2011
Last Seen: December 5, 2021
OS(es) Affected: Windows

Aliases

Bck/Servu.FJ [Panda]
TR/Servu.SH [AntiVir]
BackDoor.Servu.50010 [DrWeb]
Trojan.Servu.SH [BitDefender]
not-a-virus:Server-FTP.Win32.Serv-U.gen [Kaspersky]
Trojan.Servu.1 [ClamAV]
Win32:Servu-E [Avast]
Backdoor.Usirf [Symantec]
potentially unwanted program ServU-Daemon [McAfee]
HackerTool/BitCoinMiner [Fortinet]
Troj/Mdrop-DOP [Sophos]
DR/Aragon.SS [AntiVir]
Trojan.BtcMine.4 [DrWeb]
Gen:Win32.Malware.ruZ@aSVvZSdi [BitDefender]
not-a-virus:RiskTool.Win32.BitCoinMiner.a [Kaspersky]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%WINDIR%\cfdrive32.exe
File name: cfdrive32.exe
Size: 122.88 KB (122880 bytes)
MD5: 414e483d0f965cf3e94bf5d4416e5046
Detection count: 108
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: June 28, 2011

%USERPROFILE%\Start Menu\Programs\Startup\start0.exe
File name: start0.exe
Size: 285.24 KB (285241 bytes)
MD5: c5fc145b2b8061cccc2a277f32610084
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: July 11, 2011

d:\Documents and Settings\Hong\My Documents\Downloads\Cheat pb\doraemon\DhikaCoolboyzZ.dll
File name: DhikaCoolboyzZ.dll
Size: 1.24 MB (1245275 bytes)
MD5: 849bf918d7154ef11590ba95a156c516
Detection count: 7
File type: Dynamic link library
Mime Type: unknown/dll
Path: d:\Documents and Settings\Hong\My Documents\Downloads\Cheat pb\doraemon
Group: Malware file
Last Updated: June 24, 2011

d:\Documents and Settings\Hong\My Documents\Downloads\Cheat pb\doraemon\Chams.dll
File name: Chams.dll
Size: 620.03 KB (620032 bytes)
MD5: ae361b86428f00561163f273d6658eeb
Detection count: 7
File type: Dynamic link library
Mime Type: unknown/dll
Path: d:\Documents and Settings\Hong\My Documents\Downloads\Cheat pb\doraemon
Group: Malware file
Last Updated: June 24, 2011