Detect Date 11/20/2015
Class Trojan
Platform Win32

Malware in this family performs destructive actions on the user’s computer. When run, the program decrypts an auxiliary file contained inside its body, extracting the file to a temporary folder on the user’s computer. The extracted program sends a request to the attackers’ server. This server replies with a configuration file, which the program uses to continue its work.

Geographical distribution of attacks by the Trojan.Win32.Jorik family

Geographical distribution of detections during the period from 20 November 2014 to 20 November 2015

Top 10 countries with most attacked users (% of total attacks)

Country % of users attacked worldwide*
1 Russian Federation 10.96
2 India 9.64
3 Vietnam 6.60
4 Algeria 6.36
5 Mexico 4.81
6 Iran 4.89
7 Brazil 3.68
8 Thailand 2.77
9 Saudi Arabia 2.25
10 Kazakhstan 2.38

* Percentage of all unique Kaspersky users attacked by this malware

Find out the statistics of the threats spreading in your region