Trojan:win64/Sirefef.E
Posted: November 7, 2011
Threat Metric
The fields listed on the Threat Meter, each of which contains a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 9/10 |
---|---|
Infected PCs: | 82 |
First Seen: | November 7, 2011 |
OS(es) Affected: | Windows |
Trojan:win64/Sirefef.E is a dropper Trojan and a backdoor Trojan that's structurally very similar to TrojanDropper:Win32/Sirefef.B. Unlike its relative, however, Trojan:win64/Sirefef.E specializes in attacking 64-bit Windows computers and may not be a serious threat to computers that use 32-bit operating systems. SpywareRemove.com malware researchers have found that Trojan:win64/Sirefef.E infections often appear alongside rootkits and scamware programs; these secondary infections can cause the symptoms of a Trojan:win64/Sirefef.E attack to vary greatly in scope and type. However, all Trojan:win64/Sirefef.E infections should be considered serious threats, since they're capable of attacking your security settings and may even disable unrelated types of software until you take steps to remove Trojan:win64/Sirefef.E via appropriate anti-malware programs.
The Unpleasant Goodies That Trojan:win64/Sirefef.E Wants to Share with Your Computer
Trojan:win64/Sirefef.E can be considered a backdoor Trojan as well as a dropper Trojan, since Trojan:win64/Sirefef.E takes actions to reduce your computer's security, in addition to installing other types of hostile software. Standard attacks by Trojan:win64/Sirefef.E that SpywareRemove.com malware researchers warn to watch out for include:
- Changed network or firewall settings that allow Trojan:win64/Sirefef.E and other types of unauthorized programs to transfer files from and to external servers without your consent.
- Blocked security and anti-malware programs, including anti-virus scanners or Windows maintenance tools like Task Manager and the Registry Editor. These programs may even display a fake error message if you attempt to access them while Trojan:win64/Sirefef.E is active, or they may crash while they're in use.
- The installation of rootkits. Rootkits launch themselves without permission and may not even show an independent memory process, preferring to infect normal system processes so that they can conduct their attacks in a clandestine manner. Rootkits that are installed by Trojan:win64/Sirefef.E can be capable of stealing private information or causing extreme damage to your PC.
- The installation of rogue software. This can include fake defraggers, AV scanners, anti-spyware tools and file-cleaners. Scamware like this has a tendency to create fake system warnings and ask you to spend money at a fraudulent website.
How to Put Trojan:win64/Sirefef.E to Sleep and Get Your PC Back in Top Shape
Deleting Trojan:win64/Sirefef.E improperly may fail to remove all of Trojan:win64/Sirefef.E's components, miss its payload or even leave your PC full of security holes that can be exploited in future attacks. SpywareRemove.com malware analysts encourage you to use only the best anti-malware programs that are available to remove Trojan:win64/Sirefef.E, since the possible presence of rootkits may complicate manual removal to the point of making it totally unfeasible.
Failure to remove Trojan:win64/Sirefef.E in the right way and as quickly as possible can result in a wide range of possible damage, as noted earlier with Trojan:win64/Sirefef.E's possible payload types. Since Trojan:win64/Sirefef.E may be configured to cause many types of harm to your PC, you should be certain to scan your entire computer before assuming that all aspects of a Trojan:win64/Sirefef.E infection have been expelled.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
file.dll
File name: file.dll
Size: 18.94 KB (18944 bytes)
MD5: e59112b8f0e0dc8d72cf131c0d9969eb
Detection count: 44
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: November 7, 2011
file.dll
File name: file.dll
Size: 16.89 KB (16896 bytes)
MD5: 1ff93acdae2dba88eda8581ed07fd091
Detection count: 43
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: November 7, 2011
file.dll
File name: file.dll
Size: 16.38 KB (16384 bytes)
MD5: 4fbece69abd1f1f54dc0a39c8873a581
Detection count: 40
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: November 7, 2011
file.dll
File name: file.dll
Size: 16.38 KB (16384 bytes)
MD5: a33aaf0cdf24d47dad05a5cebab5c78c
Detection count: 39
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: November 7, 2011
%AllUsersProfile%\Application Data\.dll
File name: %AllUsersProfile%\Application Data\.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%AllUsersProfile%\Application Data\.exe (looks like Trojan:win64/sirefef.E)
File name: %AllUsersProfile%\Application Data\.exe (looks like Trojan:win64/sirefef.E)
Mime Type: unknown/E)
Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Trojan:win64/sirefef.E"
HKEY_CURRENT_USER\Software\Wow6432Node
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run "Trojan:win64/sirefef.E"