| K7 Detection Name | Affected OS | Prevalence | AV Definition Version |
|---|---|---|---|
| Trojan ( 005affa51 ) | Windows | High | 12.239.55866 |
| MD5 | c3ead14fe233b96b83516aae2fc1d3ac |
| SHA256 | 3b4b62dabed0363c570d8b07fa85793b9f8706836ac1abd94c8acdedd836fb92 |
| File Size | 1,961,472 bytes |
| Packer Information | N/A |
| First Seen | 26-05-2025 |
| Last Seen | 04-06-2025 |
| Aliases | Win64/Agent.DFT |
Behavior Details
1. Dropped files:
phqg.dat
Under the folder
C:\$Recycle.Bin
2. Dropped files:
msvcrt64.dll
Under the folder
C:\Windows\sysnative
3. Dropped files:
msvcrt32.dll
mpssc64.exe
Under the folder
C:\Windows\System32
4. Dropped files:
xxxxxxxxxxxxxxxxxxxxxxxxxxxx.log
Under the folder
C:\Windows\Temp
Removal Instructions
1. Update the copy of K7 security to the latest version.
2. Scan the system completely and remove the detected files.
3. Restart the machine.