Worm:Win32/Cridex.E
Posted: January 16, 2013
| Field | Value |
|---|---|
| Ranking | 14,663 |
| Threat Level | 8/10 |
| Infected PCs | 8,347 |
| First Seen | December 17, 2012 |
| Last Seen | September 5, 2023 |
| OS(es) Affected | Windows |
Worm:Win32/Cridex.E is a worm that spreads via spam email purporting to come from US Airways. The fake US Airways email claims to be a confirmation of online registration and tricks recipients into following malicious web links. The misleading message tells the affected PC user that he/she must arrive at the airport within 24 hours for a maximum time of 1 hour before his/her flight, which will take 2 hours in case of a journey to a foreign country. The bogus email then instructs the user to print out his/her boarding pass and head to the gate. The unsolicited US Airways email includes web links that lead to websites harboring BlackHole, the infamous attack toolkit that exploits security flaws in programs the affected computer user runs, so that Worm:Win32/Cridex.E can be installed on the machine. The deceptive email contains a lot of spelling mistakes, which indicates that the message is fraudulent.
Technical Details
File System Modifications
The following files were created in the system:
%SystemDrive%\RECYCLER\S-1-5-21-1214440339-484763869-839522115-1003\$46b7bee7dda0ebbfb3ff468be317f1f4\n.
File name: n.
Size: 59.9 KB (59904 bytes)
MD5: 1475c7ffacdf13510f188fa1804bd7db
Detection count: 105
Path: %SystemDrive%\RECYCLER\S-1-5-21-1214440339-484763869-839522115-1003\$46b7bee7dda0ebbfb3ff468be317f1f4
Group: Malware file
Last Updated: January 21, 2013
%PROGRAMFILES%\Veebeam\VeebeamApp\VeebeamPlus.exe
File name: VeebeamPlus.exe
Size: 3.08 MB (3088272 bytes)
MD5: f135c89bf58bf7cb3b5df31b254fa84e
Detection count: 85
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Veebeam\VeebeamApp
Group: Malware file
Last Updated: January 21, 2013
%LOCALAPPDATA%\VirtualStore\Downloaded Installations\qlggqkm.dll
File name: qlggqkm.dll
Size: 291.84 KB (291840 bytes)
MD5: 7c51480dae9209fb6b14bdff09e3507a
Detection count: 73
File type: Dynamic link library
Mime Type: unknown/dll
Path: %LOCALAPPDATA%\VirtualStore\Downloaded Installations
Group: Malware file
Last Updated: January 21, 2013
%SystemDrive%\Users\<username>\AppData\Local\phxzbypky.exe
File name: phxzbypky.exe
Size: 155.13 KB (155136 bytes)
MD5: 2b2c5fb178964cb488478547aabcb659
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Users\<username>\AppData\Local
Group: Malware file
Last Updated: January 21, 2013
%USERPROFILE%\Netpdmvd.exe
File name: Netpdmvd.exe
Size: 201.72 KB (201728 bytes)
MD5: 119dedfe1c9acdcc2d7cdf4fbfc58c0f
Detection count: 34
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: January 21, 2013
denchocav4.sy
File name: denchocav4.sy
Size: 98.3 KB (98304 bytes)
MD5: 88fe3559c6e80696390d08f8187876ce
Detection count: 30
Mime Type: unknown/sy
Group: Malware file
Last Updated: January 17, 2013
221413f03979b366c64bd4f08396d4ba.exe
File name: 221413f03979b366c64bd4f08396d4ba.exe
Size: 98.3 KB (98304 bytes)
MD5: 221413f03979b366c64bd4f08396d4ba
Detection count: 25
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 17, 2013
%USERPROFILE%\Local Settings\Application Data\WideSearch\wsearch.exe
File name: wsearch.exe
Size: 413.69 KB (413696 bytes)
MD5: 2c8f1d6e03a6438bfcabfcf08d944a87
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Local Settings\Application Data\WideSearch
Group: Malware file
Last Updated: January 21, 2013
%USERPROFILE%\KBDwincred.exe
File name: KBDwincred.exe
Size: 421.37 KB (421376 bytes)
MD5: a814ec807d702fe7a4cc39f2eb7dc05b
Detection count: 22
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: January 21, 2013
%PROGRAMFILES%\MyWay\myBar\1.bin\MYBAR.DLL
File name: MYBAR.DLL
Size: 188.41 KB (188416 bytes)
MD5: c69235eb009ad221f49b9a17948868f8
Detection count: 19
File type: Dynamic link library
Mime Type: unknown/DLL
Path: %PROGRAMFILES%\MyWay\myBar\1.bin
Group: Malware file
Last Updated: January 21, 2013
%USERPROFILE%\Local Settings\Application Data\bniyert.dll
File name: bniyert.dll
Size: 17.4 KB (17408 bytes)
MD5: c6e3f6589d41575e52f6d243ee8f210d
Detection count: 12
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data
Group: Malware file
Last Updated: January 21, 2013
%USERPROFILE%\wgsdgsdgdsgsd.exe
File name: wgsdgsdgdsgsd.exe
Size: 189.19 KB (189192 bytes)
MD5: d09ecd77497a1b8fe6b85095a31fa37b
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%
Group: Malware file
Last Updated: January 21, 2013
%APPDATA%\Nbt\Nbt.exe
File name: Nbt.exe
Size: 785.4 KB (785408 bytes)
MD5: 897405ea6ebd4631af3043533c370b4b
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Nbt
Group: Malware file
Last Updated: January 21, 2013
%PROGRAMFILES%\Vietkey2000\VKNT.EXE
File name: VKNT.EXE
Size: 173.05 KB (173056 bytes)
MD5: 88b6c83160acce3ed23cfff5361ed3f2
Detection count: 9
File type: Executable File
Mime Type: unknown/EXE
Path: %PROGRAMFILES%\Vietkey2000
Group: Malware file
Last Updated: January 21, 2013
%SystemDrive%\Microsoft_SDK\iexploror.exe
File name: iexploror.exe
Size: 36.86 KB (36864 bytes)
MD5: ef2e5756561fb3bbe08c5330f43f31b5
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %SystemDrive%\Microsoft_SDK
Group: Malware file
Last Updated: January 21, 2013
%LOCALAPPDATA%\Lollipop\Lollipop.exe
File name: Lollipop.exe
Size: 1.17 MB (1175552 bytes)
MD5: 6de3929ee22c2be55d1f19c3bca32cdf
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %LOCALAPPDATA%\Lollipop
Group: Malware file
Last Updated: January 21, 2013
%PROGRAMFILES(x86)%\ViralixVideo\vrlxmon.exe
File name: vrlxmon.exe
Size: 112.12 KB (112128 bytes)
MD5: 71ef1b1aa90d92d56493db6345b63d64
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\ViralixVideo
Group: Malware file
Last Updated: January 21, 2013
%APPDATA%\4D08A9\4D08A9.exe
File name: 4D08A9.exe
Size: 60.72 KB (60723 bytes)
MD5: 824e3e24c0481cf81e3205c3fe406467
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\4D08A9
Group: Malware file
Last Updated: February 6, 2013
%ALLUSERSPROFILE%\Local Settings\Temp\msacxufz.scr
File name: msacxufz.scr
Size: 376.83 KB (376832 bytes)
MD5: 8594c1337d6d05ca76f2efc29e449244
Detection count: 5
Mime Type: unknown/scr
Path: %ALLUSERSPROFILE%\Local Settings\Temp
Group: Malware file
Last Updated: April 16, 2013