TROJ_FRS.PMA000JH14

 Analysis by: RonJay Kristoffer Caragay

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This is the Trend Micro detection for Trojans that exhibit malicious actions such as modification of system settings, download and execution of arbitrary files, and stealing information.

Trojans are a general malware classification for malicious files, applications, or programs that may be bundled with malware or grayware packages. They may also be downloaded and installed unknowingly by users from the Internet, or dropped onto the system by other malware.

Historically, people used Trojans to either further their research or gain notoriety. Now, cybercriminals use Trojans for profit by stealing user data such as banking credentials and personally identifiable information (PII). They can sell this information in the cybercriminal underground or use it to launch other attacks such as phishing.

Some Trojans, coupled with social engineering techniques, are also capable of tricking users into performing other actions. FAKEAV, for example, is a notorious malware family that displays phony alerts and scanning results to scare users into buying fake antivirus software. Trojans like RANSOMWARE can lock up files and systems, supposedly holding them captive. Users are not able to access their systems or files unless they pay ransom.

Trojans that modify an infected system's settings to automatically execute during startup may require procedures apart from scanning with antivirus software.

If your Trend Micro product detects a file under this detection name, do not execute it, especially if it comes from an untrusted or unknown source (e.g., a website of doubtful nature).

  SOLUTION

Minimum Scan Engine:

9.700

FIRST VSAPI PATTERN FILE:

11.218.03

FIRST VSAPI PATTERN DATE:

17 Oct 2014

VSAPI OPR PATTERN File:

11.219.00

VSAPI OPR PATTERN Date:

17 Oct 2014

For Trend Micro Customers

Scanning your system with your registered Trend Micro security solution removes this malware.

Trend Micro products are powered by the Trend Micro™ Smart Protection Network™, a technology designed to protect you from all kinds of online security threats, regardless of type, attack vector, or behavior.

If you suspect a false positive (i.e., you believe the detected file to be non-malicious), kindly submit a sample of the detected file through the following channels for analysis:

  • For premium customers, click here.
  • For non-premium customers, click here.

For Non-Trend Micro Customers

You may download, install, and scan your system with HouseCall, our highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plug-ins, and other malware.

