" Whatsapp Fake Notification (Malware Message from Whatsapp) "
Whatsapp is still as popular chat application in smartphone services, there are at least 300 million active users. With the number of users is much, criminals began using the name Whatsapp for fake sender. Techniques like this are often used by virus spreader. Not yet known whether the development of such messaging can attack the user in Indonesia. Today the name is used for camouflage Whatsapp messages for viruses infect, perhaps tomorrow will change again.
Campaign with the name of Whatsapp V "Voice Message Notification / 1 New Voicemail". When you find these messages or the like, it's not a Whatsapp message from the service provider. But it will be directed to download a trojan to retrieve other files and infect computers. So who is attacked computer.
Trojan Trojan.Win32.Sharik.qhd carried by the message is detected by 31 out of 48 antivirus.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sewweHKEY_LOCAL_MACHINE\SOFTWARE\Classes\.sewwe\ShellNew
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\DefaultIcon
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\open
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\print
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\print\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\printto
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\S6.Document\shell\printto\command
HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications
HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\S6
HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\S6\Settings
No comments:
Post a Comment