Trojan-PSW.Win32.Tepfer
Posted: April 22, 2013
| Threat Level: | 8/10 |
|---|---|
| Infected PCs: | 183 |
| First Seen: | August 21, 2012 |
| Last Seen: | May 2, 2022 |
| OS(es) Affected: | Windows |
Trojan-PSW.Win32.Tepfer is a group of Trojans that are used to steal confidential information (particularly account passwords), as well as to distribute themselves through spam and/or install further types of malware. One of the latest Trojan-PSW.Win32.Tepfer attacks, distributing a variant labeled Trojan.GenericKDZ.14575, has been connected to spam e-mail messages claiming to offer news reports about the Boston Marathon bombing. However, other infection vectors may also be used, particularly for other variants of Trojan-PSW.Win32.Tepfer, and SpywareRemove.com malware researchers recommend that you consider any potential contact with Trojan-PSW.Win32.Tepfer to be a highly invasive breach of your computer's privacy. Reputable anti-malware applications may, of course, be used to find and delete Trojan-PSW.Win32.Tepfer expediently.
Trojan-PSW.Win32.Tepfer: When a Bomb's Radius Reaches into the Web
Sensational news items are one of the many disguises that malware-designing criminals use to distribute their malicious software, and the Boston Marathon bombing, unfortunately, is not an exception to the trend. Trojan-PSW.Win32.Tepfer's latest attacks have abused the tragic bombing in Boston to distribute a variant of Trojan-PSW.Win32.Tepfer through spam e-mail messages that contain links to a compromised website. The website's drive-by-download exploits are affiliated with the RedKit Exploit Kit, which installed the variant of Trojan-PSW.Win32.Tepfer by using exploits for such programs as Flash and Java.
Different versions of Trojan-PSW.Win32.Tepfer may be detected as variants of Trojan Zeus, Smoaler or Fareit. Regardless of the name that Trojan-PSW.Win32.Tepfer is found under, Trojan-PSW.Win32.Tepfer is always used to steal account login information, especially passwords for FTP programs and e-mail accounts. The SpywareRemove.com malware research team has also connected Trojan-PSW.Win32.Tepfer attacks to:
- Spam e-mail messages, like the very ones that are used to distribute Trojan-PSW.Win32.Tepfer. Having your PC used for mass-mailing attacks may also harm its stability or performance.
- Theft of Bitcoin currency.
- Backdoor vulnerabilities that can allow criminals to control your computer or install other malware, in addition to Trojan-PSW.Win32.Tepfer.
Why Trojan-PSW.Win32.Tepfer's Story Doesn't Stop with Boston
It should be emphasized that Trojan-PSW.Win32.Tepfer, as a broad family of spyware, is not limited to being distributed by the infection vector mentioned earlier. SpywareRemove.com malware experts also have verified Trojan-PSW.Win32.Tepfer's distribution through other forms of e-mail spam, such as fake wire transfer notifications, fake confidentiality notices and fake US Department of Treasury messages. Notably, some of Trojan-PSW.Win32.Tepfer's past attacks have included the installer in the form of a file attachment, but current attacks appear to promote malicious Trojan-PSW.Win32.Tepfer-distributing sites through links.
A high-level threat to your computer's safety, not to mention the safety of your online accounts, Trojan-PSW.Win32.Tepfer should always be removed promptly, and anti-malware applications should be used to ensure that Trojan-PSW.Win32.Tepfer is deleted entirely. SpywareRemove.com malware experts also recommend that you change any passwords that may have been stolen in the lifetime of any Trojan-PSW.Win32.Tepfer infection.
Technical Details
File System Modifications
The following files were created in the system:
boston.avi_______.exe
File name: boston.avi_______.exe
Size: 40 KB (40001 bytes)
MD5: 6ad5c11fb0e0c7c5e1cbc736b4b66676
Detection count: 75
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 23, 2013
Binary0.exe
File name: Binary0.exe
Size: 32.76 KB (32768 bytes)
MD5: 3ef06bae42ba35e0a1a1da4a587b87da
Detection count: 73
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 23, 2013
boston.avi_______.exe
File name: boston.avi_______.exe
Size: 815.61 KB (815616 bytes)
MD5: 5ea646ffdc1e9bc7759fdfc926de7660
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 23, 2013
newbos3.exe
File name: newbos3.exe
Size: 815.61 KB (815616 bytes)
MD5: fdbc94958b8f0ec2b24302c6d4685c46
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 23, 2013
%WINDIR%\batch.exe
File name: batch.exe
Size: 970.75 KB (970752 bytes)
MD5: 5e7c09d24e4378c44baa97b78db17a34
Detection count: 39
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%
Group: Malware file
Last Updated: July 16, 2013
Registry Modifications
HKEY..\..\..\..{RegistryKeys}Software\Microsoft\Windows\CurrentVersion\Run\SonyAgent
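The file indicators listed above can be checked across a directory tree with a short script. This is an added example, not SpywareRemove.com or SpyHunter code: it matches the MD5 values and file names from this page, and its padded double-extension pattern is an assumption that generalises the `boston.avi_______.exe` naming trick to other document and media extensions.

```python
import hashlib
import re
from pathlib import Path

# MD5 values copied from the file list on this page.
PAGE_MD5 = {
    "6ad5c11fb0e0c7c5e1cbc736b4b66676",
    "3ef06bae42ba35e0a1a1da4a587b87da",
    "5ea646ffdc1e9bc7759fdfc926de7660",
    "fdbc94958b8f0ec2b24302c6d4685c46",
    "5e7c09d24e4378c44baa97b78db17a34",
}
# File names from the page, lower-cased for a case-insensitive match.
# A name alone is a weak signal (batch.exe is a common name); treat it as a lead.
PAGE_NAMES = {"boston.avi_______.exe", "binary0.exe", "newbos3.exe", "batch.exe"}
# Assumed heuristic: a harmless-looking extension, underscore or space padding,
# then the real executable extension.
MASQUERADE = re.compile(
    r"\.(avi|mp4|mov|wmv|jpg|png|gif|pdf|doc|docx|txt)[_\s]+\.(exe|scr|com|pif)$",
    re.IGNORECASE,
)

def md5_of(path, chunk=1 << 16):
    """Hash in chunks so large files are not read into memory at once."""
    digest = hashlib.md5()  # MD5 only because that is what the page publishes
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def scan(root, known_md5=PAGE_MD5):
    """Return {relative path: sorted reasons} for each file that matches."""
    findings = {}
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        reasons = []
        if path.name.lower() in PAGE_NAMES:
            reasons.append("name-listed")
        if MASQUERADE.search(path.name):
            reasons.append("padded-double-extension")
        try:
            if md5_of(path) in known_md5:
                reasons.append("md5-listed")
        except OSError:
            pass  # unreadable file: name-based findings are still reported
        if reasons:
            findings[path.relative_to(root).as_posix()] = sorted(reasons)
    return findings
```

A renamed copy of a listed sample is caught by the hash alone, and a repacked variant with a new hash can still be caught by the naming pattern.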