Discovered: July 17, 2007
Updated: July 17, 2007 4:28:20 PM
Also Known As: Virus.Win32.Gpcode.ai [Kaspersky], Win32/Kollah.AB [Computer Associates], Troj/GPCoder-G [Sophos], Sinowal.FY [Panda Software], PWS-JT [McAfee]
Type: Trojan
Infection Length: 58,368 bytes
Systems Affected: Windows XP, Windows NT, Windows Server 2003, Windows 2000
Trojan.Gpcoder.E is a Trojan horse that encrypts files and then prompts the user to purchase a password in order to decrypt them.
Note: Virus definitions dated July 17, 2007 or earlier detect this threat as Infostealer.Banker.C.
Protection
-
Initial Rapid Release version July 17, 2007 revision 009
-
Latest Rapid Release version May 11, 2009 revision 019
-
Initial Daily Certified version July 18, 2007 revision 004
-
Latest Daily Certified version May 11, 2009 revision 034
-
Initial Weekly Certified release date July 18, 2007
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Damage
-
Damage Level: Low
-
Payload: Encrypts certain file types on the compromised computer.
Opens a back door.
-
Releases Confidential Info: May steal sensitive information.
Distribution
Writeup By: Elia Florio
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
