Summary
This program is packed using a packer program associated with numerous other malware.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Technical Details
This program has been packed by the PeCancer packer program (hence the name of the detection).
Samples identified by the same detection perform one or more of the following activities:
- Drop suspicious files or a copy of itself onto the system.
- Set launch points to itself, or to the files it drops.
- Some samples attempt to connect to and download from suspicious/malicious websites,
for example:
- hxxp://downxml.[..].cn/iepop/list/[..]
- hxxp://downxml.[..].cn/iepop/update/[..]
- hxxp://soft.jajaca.com/[..]
- hxxp://news.huigezi.net/[..]
Submit a sample
Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)
F-Secure Community
Give advice. Get advice. Share the knowledge on our free discussion forum.