W32/Branvine.A!tr.dldr

Release DateJun 04, 2009
Detection Availability
Active DatabaseExtended Database
FortiGatelowhigh
FortiClient
FortiMailN/A
Current Antivirus Definition Database Version: 11.583
Description

Visible Symptoms

  • Downloaded rogue antivirus software known as Privacy Center.

    • Detailed Analysis


    W32/Branvine.A!tr.dldr is classified as a downloader trojan.

    It downloads and installs a rougue antivirus software known as Privacy Center, which is detected as W32/PCenter.A!tr.

  • After installing, the Privacy Center creates the following files:
    • %ProgramFiles%\PCenter\pc.exe
    • %ProgramFiles%\PCenter\agent.exe
    • %ProgramFiles%\PCenter\sounds\1.mp3
    • %ProgramFiles%\PCenter\sounds\3.mp3
    • %ProgramFiles%\PCenter\faq\guide.html
    • %ProgramFiles%\PCenter\faq\images\gimg1.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg10.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg2.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg3.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg4.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg5.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg6.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg7.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg8.jpg
    • %ProgramFiles%\PCenter\faq\images\gimg9.jpg
    • %ProgramFiles%\PCenter\uninstall.exe
    • %Documents and Settings%\\Desktop\PCenter.lnk
    • %Documents and Settings%\\Application Data\PCenter\dbases\cg.dat
    • %Documents and Settings%\\Application Data\PCenter\dbases\mw.dat
    • %Documents and Settings%\\Application Data\PCenter\dbases\rd.dat
    • %Documents and Settings%\\Application Data\PCenter\dbases\sc.dat
    • %Documents and Settings%\\Application Data\PCenter\dbases\sm.dat
    • %Documents and Settings%\\Application Data\PCenter\dbases\sp.dat
    • %Documents and Settings%\\Application Data\PCenter\temp\settings.ini
    • %Documents and Settings%\\Application Data\PCenter\keys\cg.key
    • %Documents and Settings%\\Application Data\PCenter\keys\rd.key
    • %Documents and Settings%\\Application Data\PCenter\keys\sc.key
    • %Documents and Settings%\\Application Data\PCenter\keys\sp.key
  • The Privacy Center also creates the following folders:
    • %ProgramFiles%\PCenter
    • %ProgramFiles%\PCenter\tools
    • %ProgramFiles%\PCenter\tools\sp
    • %ProgramFiles%\PCenter\tools\sc
    • %ProgramFiles%\PCenter\faq
    • %ProgramFiles%\PCenter\sounds
    • %ProgramFiles%\PCenter\faq\images
    • %Documents and Settings%\\Application Data\PCenter
    • %Documents and Settings%\\Application Data\PCenter\dbases
    • %Documents and Settings%\\Application Data\PCenter\temp
    • %Documents and Settings%\\Application Data\PCenter\keys
  • The Privacy Center has graphical user interface similar below:


    • Figure 1: Privacy Center Main Console.


    Description Last Updated Date: Jun 05, 2009
    Reference: ID - 866351