Troj/Krap-F is a Trojan for the Windows platform.
Troj/Krap-F includes functionality to:
- run automatically
- copy itself to the <System> folder
- create files in the <System> folder
- steal confidential information
- access the internet and communicate with a remote server via HTTP
Troj/Krap-F communicates via HTTP with the following locations:
contexstyle . ru
When Troj/Krap-F is installed, the following files are created:
<System>\lowsec\local.ds
<System>\lowsec\user.ds
<System>\lowsec\user.ds.lll
<System>\sdra64.exe
Registry entries are set as follows:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
DefaultConnectionSettings

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
Registry entries are created under:
HKCU\Software\Microsoft\Protected Storage System Provider