OSX/FkCodec-A

Category: Viruses and Spyware Protection available since:23 Apr 2012 03:30:26 (GMT)
Type: Trojan Last Updated:22 Jul 2016 09:10:59 (GMT)
Prevalence: Major Outbreak Publisher Name:Codec-M
Publisher URL:http://codecm.com/privacy.php

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

OSX/FkCodec-A is a fake installer that claims to be installing a video codec.

Instead, OSX/FkCodec-A installs a safari extension that serves ads and monitors browser activity and an updater daemon that checks for updated versions of the "codec" and downloads and runs the installer if the version on the server is newer than the version installed.  If there is no version installed (the safari extension has been forcibly removed) it will run the updater.

Examples of OSX/FkCodec-A include:

Example 1

File Information

Size
1.1M
SHA-1
016d2f20bd537c7a455ab28d5152f77e83e9c96a
MD5
1965cf71d274afcd44b073840eb060b2
CRC-32
8ec0f180
File type
Apple Mac executable
First seen
2007-09-19

Example 2

File Information

Size
1.1M
SHA-1
0191e38a6ea5780c300a9d10a18af83d37503faf
MD5
d4ff6e571293c390e5b570aa095c3110
CRC-32
8721f455
File type
Apple Mac executable
First seen
2015-01-22

Example 3

File Information

Size
1.1M
SHA-1
0a21e64fd345f76610168664d481105b5730fb5a
MD5
73c3ac0953ca88caf635734e2d0bb8f0
CRC-32
196c5d16
File type
Apple Mac executable
First seen
2007-10-26

download Try Sophos products for free
Download now