TROJ_SCRIPBRID.A
Posted: May 9, 2012
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 64 |
| First Seen: | May 9, 2012 |
| OS(es) Affected: | Windows |
TROJ_SCRIPBRID.A is a Trojan that's designed to launch a second PC threat, which takes advantage of Adobe Flash vulnerabilities to install a backdoor Trojan. Because TROJ_SCRIPBRID.A, like TROJ_MDROP.GDL or TROJ_ARTIEF.DOC, is distributed by spam e-mail, SpywareRemove.com malware analysts strongly encourage you to be cautious about opening file attachments from unusual e-mail messages, particularly if you have Flash installed on your PC. A successful TROJ_SCRIPBRID.A payload will eventually result in the installation of a backdoor Trojan that allows criminals to control your PC from a C&C server, and this result should always be considered an extreme threat to your computer's privacy and safety. Apart from warnings from anti-malware software about TROJ_SCRIPBRID.A and related PC threats, there may be no symptoms of a successful TROJ_SCRIPBRID.A attack.
Why You Don't Want TROJ_SCRIPBRID.A to Be Your Sponsor
TROJ_SCRIPBRID.A has been observed to be distributed primarily by way of fake sponsorship membership information pamphlets that include TROJ_SCRIPBRID.A in the form of a fake Word document (AKA .doc). Although currently-circulated templates for TROJ_SCRIPBRID.A spam utilize references to the Institute of Acoustics, there's no guarantee that TROJ_SCRIPBRID.A will not use other templates in the future, and SpywareRemove.com malware experts encourage you to have anti-malware programs on-hand to scan e-mail-based file attachments whenever necessary. Once TROJ_SCRIPBRID.A is opened, TROJ_SCRIPBRID.A launches an immediate attack that involves a second PC threat, SWF_LOADER.EHL. SWF_LOADER.EHL, in its turn, exploits the Flash vulnerability CVE-2012-0779 to install a backdoor Trojan on your computer. This Flash exploit can run on all main operating systems, such as Windows, Linux and Mac.
CVE-2012-0779 has been resolved by a security update, and keeping Flash updated is always encouraged to reduce exposure to exploits like CVE-2012-0779 that can be used to attack your PC. Alternatively, disabling Flash or not installing it in the first place can also hamstring TROJ_SCRIPBRID.A's attacks. Because TROJ_SCRIPBRID.A's attacks utilize multiple PC threats, SpywareRemove.com's malware research team emphasizes that scanning your entire computer after any possible TROJ_SCRIPBRID.A attack is essential to make sure that all related Trojans are exterminated.
When Failing to Turn Away TROJ_SCRIPBRID.A Turns into a Big Deal
Although TROJ_SCRIPBRID.A's efforts are limited to enabling other PC threats, the ultimate payload of a TROJ_SCRIPBRID.A attack can be a cause of various high-level security issues. TROJ_SCRIPBRID.A's backdoor Trojan, identified as BKDR_INJECT.EVL, has been analyzed by SpywareRemove.com malware researchers and found to be capable of the following attacks, at a minimum:
- Concealing malicious .dll components in your system folder.
- Injecting its code into normal system processes, namely svchost.exe, which ensures that BKDR_INJECT.EVL can run without creating a separate memory process.
- Launching itself automatically via standard Registry exploits.
- Starting or stopping system services without your consent.
- Updating itself to include different behaviors or additional features.
- Enabling the transfer of personal information from your PC to a remote C&C server.
- Downloading other malicious files from the aforementioned server.
Technical Details
File System Modifications
The following files were created in the system:
file.exe
File name: file.exe
Size: 121.87 KB (121872 bytes)
MD5: 1750a38a44151493b675538a1ac2070b
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 22, 2012
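An added example (not SpywareRemove.com's or SpyHunter's code): a Python sweep that checks a directory tree for the file indicator listed above, using the listed size as a cheap pre-filter and the listed MD5 as confirmation. The function names and the directory argument are assumptions made for illustration.

```python
import hashlib
import os

# Indicator values copied from the file entry on this page.
PAGE_IOC = {"md5": "1750a38a44151493b675538a1ac2070b", "size": 121872}


def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files are not read into memory."""
    digest = hashlib.md5()  # MD5 only because that is the hash the page publishes
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def sweep(root, ioc=PAGE_IOC):
    """Return (matches, unreadable) for regular files under root.

    The file name is ignored because a dropped file can be renamed:
    size narrows the candidates and MD5 confirms the match.
    """
    matches, unreadable = [], []

    def on_walk_error(err):
        # Directories that cannot be listed are reported, not silently skipped.
        unreadable.append(str(err.filename))

    for dirpath, _dirs, files in os.walk(root, onerror=on_walk_error):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or os.path.getsize(path) != ioc["size"]:
                    continue
                if md5_of(path) == ioc["md5"].lower():
                    matches.append(path)
            except OSError:
                # Locked or permission-denied files are reported as well.
                unreadable.append(path)
    return sorted(matches), sorted(unreadable)


if __name__ == "__main__":
    import sys
    hits, skipped = sweep(sys.argv[1] if len(sys.argv) > 1 else ".")
    for hit in hits:
        print("MATCH", hit)
    print(f"{len(hits)} match(es), {len(skipped)} unreadable path(s)")
```

A non-empty unreadable list means the sweep was incomplete for those paths, so a clean result there should not be read as the file being absent.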