Detect date
04/25/2018
Class
Rootkit
Platform
Win64

Parent class: TrojWare

Trojans are malicious programs that perform actions which are not authorized by the user: they delete, block, modify or copy data, and they disrupt the performance of computers or computer networks. Unlike viruses and worms, the threats that fall into this category are unable to make copies of themselves or self-replicate. Trojans are classified according to the type of action they perform on an infected computer.

Class: Rootkit

This type of malicious program is designed to conceal certain objects or activities in the system. Registry keys (those used to automatically launch malicious objects, for example), files, folders, and processes in the memory of an infected computer, as well as malicious network activity, can all be hidden. Rootkits themselves have any malicious payload but in most cases, this type of program is used to prevent malicious programs from being detected and extend the length of time that they run on an infected computer.

Read more

Platform: Win64

Win64 is a platform on Windows-based operating systems for execution of 32-/64-bit applications. Win64 programs cannot be launched on 32-bit versions of Windows.

Description

Programs of this family are malicious objects that are loaded into main memory and conceal the fact of another malicious software program functioning.

Top 10 countries with most attacked users (% of total attacks)

1
Russian Federation
36.79%
2
Vietnam
18.43%
3
India
4.97%
4
China
4.11%
5
Brazil
3.27%
6
Ukraine
2.98%
7
Indonesia
2.94%
8
United States
1.86%
9
Peru
1.66%
10
Kazakhstan
1.27%

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.