Security Info

  • Security Center
    • Virus
  • Security Dictionary
  • Security Service
  • Free Download!!

Threats DB


Typical Symptoms  Changes registry,Sends email,Generating traffics,Creates file
Discovered  [korea] 0000-00-00
 [Foreign] 0000-00-00
Type  Trojan Horse ActiveField  Win32
Origin  others Encryption  NO
Location  Macro Memory residence  NO
Scan engine needed
2014-09-17 [Able to detect & repair]
  • Free trial download

Malicious code that spread through Spam Mail(photo.exe)


Many Spam Emails with the title "my new photo ;) " have been found recently. If the attached file(photo.exe) is executed, it could do Bot functions by connecting to malicious servers and send SMTP for infecting of other users.


[The symptom]

It sends Spam Emails and induces users to check a attached file(

When the attached file is executed, it creates a copy in a specific folder and, it creates malicious files disguised as a normal filename in folder of '(user account) Application data'.


* ​The created malicious codes are added in Windows registry for executing automatically after Windows rebooting.


 * It seems that the created files send emails in order to infect other users using SMTP account.


* In addition, it seems that it tries to access a specific site in order to do additional malicious actions, but there are no normal connections currently.


* If users become infected with this malicious code, it seems to be occurred overload with users' PC by massive network connections and additional malicious behaviors. 



Removal Instructions

[How to repair] 

Reparable by ViRobot engine ver. 2014-09-19 or above. 

Copyright 2008 @ HAURI Inc. All rights reserved. SiteMap