Tepfer.gen_4 is an infostealer that usually spreads via spam emails with malicious attachments. Upon execution it mines the victim machine for vital information, and it downloads different trojan variants and executes them on the victim machine.

File Related Changes

It drops the following file(s) on the system:
- "c:\Users\Admin\AppData\Local\Temp\hfdfjdk.exe"

Process Related Changes

It creates the following mutex(es):

It creates the following process(es):
- C:\Users\Admin\AppData\Local\Temp\hfdfjdk.exe
- C:\windows\temp\FSEMC.06092013.exe.bin.exe

Network Activity

It attempts to connect to the following remote servers:
- ce-cloud.com:443 (84.22.xxxxxx)

We observed the following DNS query/queries: