Categories: RansomTrojan

What is “Trojan-Ransom.Win32.PornoAsset.dcko”?

The Trojan-Ransom.Win32.PornoAsset.dcko is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan-Ransom.Win32.PornoAsset.dcko virus can do?

Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Unconventionial binary language: Portuguese (Brazil)
Unconventionial language used in binary resources: Portuguese (Brazilian)
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Creates a copy of itself
Anomalous binary characteristics

Related domains:

ipdinho.ddns.net

How to determine Trojan-Ransom.Win32.PornoAsset.dcko?


File Info:
crc32: 61E4A412md5: 0d223662c5823ae3587660f1917f7b88name: 0D223662C5823AE3587660F1917F7B88.mlwsha1: 4bbd7d833f6f1c6c83252eacef86f8d6fbe3115dsha256: d6473f4f42fa3238c43a0140a2e138cacab71d08fdac7535e65be34649bf3f43sha512: 7e29b388a33d1949208beef796ffad9e495a3fb477ce090a202493acb8c15e12a399bae46b7e4867c8145527848a3700ef6644dfada53a01579dca7c242cf2b7ssdeep: 12288:18lzXPRyzzC5eXt/X2WhMlZK1ZEUIe6DMC5Qi5CH:uBXEK5eXMW4ZIXSMC52type: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Citrix Systems inc. CopyrightInternalName: CitrixFileVersion: 1.1.8.27CompanyName: Citrix Systems inc.LegalTrademarks: Citrix Systems inc. CopyrightComments: CitrixProductName: CitrixProductVersion: 1.0.0.0FileDescription: Citrix Systems inc.OriginalFilename: CitrixTranslation: 0x0416 0x04e4

Trojan-Ransom.Win32.PornoAsset.dcko also known as:

K7AntiVirus	Trojan ( 00487b8d1 )
Lionic	Trojan.Win32.Generic.4!c
DrWeb	BackDoor.Attack.3102
Cynet	Malicious (score: 100)
ALYac	Gen:Heur.Mint.SP.Dropper.2
Zillya	Trojan.PornoAsset.Win32.23415
K7GW	Trojan ( 00487b8d1 )
Cybereason	malicious.2c5823
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Delf.OKU
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.PornoAsset.dcko
BitDefender	Gen:Heur.Mint.SP.Dropper.2
NANO-Antivirus	Trojan.Win32.PornoAsset.eympus
MicroWorld-eScan	Gen:Heur.Mint.SP.Dropper.2
Tencent	Win32.Trojan.Pornoasset.Fru
Ad-Aware	Gen:Heur.Mint.SP.Dropper.2
Sophos	Mal/Generic-S
Comodo	Malware@#2221oev6tpces
BitDefenderTheta	Gen:NN.ZelphiF.34170.WG0@aaXdUbbG
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	GenericRXEJ-EI!0D223662C582
FireEye	Generic.mg.0d223662c5823ae3
Emsisoft	Gen:Heur.Mint.SP.Dropper.2 (B)
SentinelOne	Static AI – Suspicious PE
Avira	HEUR/AGEN.1140509
Antiy-AVL	Trojan/Generic.ASMalwS.24C0C16
Microsoft	Trojan:Win32/Skeeyah.A!rfn
GData	Gen:Heur.Mint.SP.Dropper.2
AhnLab-V3	Malware/Win32.RL_Generic.R325723
McAfee	GenericRXEJ-EI!0D223662C582
MAX	malware (ai score=98)
Malwarebytes	Malware.AI.4266553708
Panda	Trj/GdSda.A
Yandex	Trojan.GenAsa!9kNCFjVs2WI
Ikarus	Trojan.Win32.Delf
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Delf.OKU!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml