You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview
Active Scan. Scan your PC free
Panda Security Product Line 2012

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Frethem.K

 
Threat LevelModerate threatDamageHighDistributionNot widespread

Effects 

When Frethem.K activates it has the following effect:

  • It obtains the contacts stored in the Address Book in order to use them to infect other systems.

Infection strategy 

Frethem.K creates the following file :

Frethem.K creates the following entry in the Windows Registry:

  • HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Run\ Task Bar = %Windows%\ TASKBAR.EXE

    By doing this it ensures that it is run, every time the affected computer is started.

Means of transmission 

Frethem.K mainly spreads via e-mail in a message with the following characteristics:

  • Subject:
    Re: Your password!
  • Message:
    ATTENTION!
    You can access
    very important
    information by
    this password
    DO NOT SAVE
    password to disk
    use your mind
    now press
    cancel
  • Attachments: One of the following:
    DECRYPT-PASSWORD.EXE
    PASSWORD.TXT

Frethem.K activates when the attached file is run.

It automatically sends itself out to all the contacts in the Address Book.

Further Details  

Other intersting characteristics of Frethem.K are:

  • Frethem.K is compressed with PE-Pack and UPX.
  • It is written in the programming language Visual C++.
  • The file that carries out the infection is 47,616 bytes in size.
  • Frethem.K contains the following text in its code:
    thAnks tO AntIvIrUs cOmpAnIEs fOr dEscrIbIng thE IdEA!
    nO AnY dEstrUctIvE ActIOns! dOnt wArrY, bE hAppY