I found this infection in Enzo this morning and I thought it might make a good seasonal warning to our community.
The file itself is called HAPPY_HOLIDAY_VIDEO_MPG.
The ending of this filename, MPG, might fool a computer user into thinking that it is an MPG video file, a common video file type.
However, the real name of this file on the system is HAPPY_HOLIDAY_VIDEO_MPG.EXE, which shows that this file is actually an executable file. Executable files, once run, can do all kinds of damage to a machine.
This file:
- Has Simpsons style logo!: [img]https://uploads-us-west-2.insided.com/webroot-en/attachment/18023i199EC7C777DCBF81.png[/img]
- Does nothing visually when clicked
- Hides a bad DAT file from the user in the Windows directory
- Inputs code into powershell.exe
- Loads a program to start up at boot
- Downloads files from “6mcoralmaquinas.com”, which is a malware site recognized by 4 vendors
In this case it drops a Trojan infection on the machine. These infections are very nasty and can steal information, or lock up a PC or a PC's data and hold it to ransom.
Although Webroot will protect you against this particular file, we would recommend that everyone exercise caution when opening attachments this holiday season.
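
The naming trick described above, a visible name that ends in `_MPG` while the real extension is `.EXE`, can be checked for mechanically when triaging attachments. The following is an added example, not part of the original post and not Webroot's detection logic; the extension lists, function names and all sample names except the first are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Illustrative subsets (assumptions, not exhaustive lists).
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "ps1", "lnk"}
DECOY_TYPES = {"mpg", "mpeg", "mp4", "avi", "jpg", "png", "pdf", "doc", "docx", "txt"}


def split_name(name):
    """Return (stem, real_extension) for the final path component."""
    # Windows drops trailing dots and spaces from a file name, so
    # "video_mpg.exe." still ends up as an .exe on disk.
    path = PureWindowsPath(name.rstrip(". "))
    return path.stem, path.suffix.lstrip(".").lower()


def decoy_token(stem):
    """Return the harmless-looking type the visible name ends with, or None."""
    # Treat dot, underscore, hyphen and whitespace alike, so "_MPG",
    # ".mpg" and "mpg   " (padding before the real extension) all match.
    tokens = [t for t in re.split(r"[._\-\s]+", stem.lower()) if t]
    return tokens[-1] if tokens and tokens[-1] in DECOY_TYPES else None


def is_disguised_executable(name):
    """True when an executable's name ends by imitating a media/document type."""
    stem, ext = split_name(name)
    return ext in EXECUTABLE_EXTS and decoy_token(stem) is not None


def flag_attachments(names):
    """Return the names from `names` that should be held for review."""
    return [n for n in names if is_disguised_executable(n)]


# Constructed sample attachment names; only the first comes from the post.
SAMPLE_NAMES = [
    "HAPPY_HOLIDAY_VIDEO_MPG.EXE",
    "invoice.pdf.exe",
    "photo.jpg      .scr",
    "holiday_video.mpg",
    "setup.exe",
]

if __name__ == "__main__":
    for flagged in flag_attachments(SAMPLE_NAMES):
        print("suspicious:", flagged)
```

A genuine video (`holiday_video.mpg`) and an honestly named installer (`setup.exe`) are not flagged; only executables whose visible name imitates another file type are.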