Scareware on primary PC - Virus, Trojan, Spyware, and Malware Removal Help
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 4b8111b0-d95e-41d1-8345-c5998ef048b1 |
| Fingerprint | 95ce3887cc460ced |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 20, 2023, 10:08 p.m. |
| Added to db | Jan. 23, 2023, 7:58 p.m. |
| Last updated | Nov. 8, 2024, 10:23 p.m. |
| Headline | Scareware on primary PC |
| Title | Scareware on primary PC - Virus, Trojan, Spyware, and Malware Removal Help |
| Detected Hints/Tags/Attributes | 24/1/25 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.bleepingcomputer.com/forums/t/781616/scareware-on-primary-pc/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 10 | foxitsoftware.com |
|
| Details | File | 86 | frst.txt |
|
| Details | File | 35 | c:\windows\system32\driverstore\filerepository\realtekservice.inf |
|
| Details | File | 35 | rtkauduservice64.exe |
|
| Details | File | 1 | c:\program files\systeminternals\procexp64.exe |
|
| Details | File | 5 | npfoxitphantompdfplugin.dll |
|
| Details | File | 3 | npfoxitpdfreaderplugin.dll |
|
| Details | File | 91 | addition.txt |
|
| Details | File | 17 | filesyncshell64.dll |
|
| Details | File | 5 | %windir%\system32\lodctr.exe |
|
| Details | File | 5 | %windir%\syswow64\lodctr.exe |
|
| Details | File | 3 | c:\windows\system32\lodctr.exe |
|
| Details | File | 4 | c:\windows\syswow64\lodctr.exe |
|
| Details | File | 4 | fixlist.txt |
|
| Details | File | 5 | fixlog.txt |
|
| Details | Url | 1 | https://www.ble |
|
| Details | Windows Registry Key | 50 | HKLM-x32\...\Run |
|
| Details | Windows Registry Key | 104 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows |
|
| Details | Windows Registry Key | 2 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir |
|
| Details | Windows Registry Key | 6 | HKLM\SOFTWARE\Policies\Microsoft\Internet |
|
| Details | Windows Registry Key | 19 | HKLM-x32\...\Edge\Extension |
|
| Details | Windows Registry Key | 18 | HKLM\...\Chrome\Extension |
|
| Details | Windows Registry Key | 39 | HKLM-x32\...\Chrome\Extension |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3940079878-3087060678-705383559-1002_Classes\CLSID |
|
| Details | Windows Registry Key | 1 | HKU\S-1-5-21-3940079878-3087060678-705383559-500_Classes\CLSID |