Swizzor

Last updated February 25, 2019

Swizzor is a trojan horse. This Trojan program is a Windows PE EXE file, 62 KB in size.

In computing, a Trojan horse, or Trojan, is any malicious computer program which misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive wooden horse that led to the fall of the city of Troy.

It has numerous aliases such as:

Downloader.Swizzor (AVG)
Trojan-Downloader.Win32.Swizzor.cc (Kaspersky Lab)
Trojan.Swizzor (Doctor Web),
Troj/Swizzor-CC (Sophos),
TROJ_SWIZZOR.CC (Trend Micro),
Trojan.Downloader.Swizzor.CC (SOFTWIN),
Suspect File (Panda),
Win32/TrojanDownloader.Swizzor.CC (Eset)
TR/Dldr.Swizzor.Gen (Avira)

Kaspersky Lab is a multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos is primarily focused on providing security software to the mid market and pragmatic enterprise from 100- to 5,000-seat organizations. Whilst not a primary focus, Sophos also protects home users, through free antivirus software intended to demonstrate product functionality. It is listed on the London Stock Exchange and is a constituent of the FTSE 250 Index. Recently, Sophos has been working to develop home antivirus with business-class technology to detect zero-day threats without the need of signatures.

Trend Micro Inc. is a Taiwanese multinational cyber security and defense company with global headquarters in Tokyo, Japan, a R&D center in Taipei, Taiwan, and regional headquarters in Asia, Europe and the Americas. The company develops enterprise security software for servers & cloud computing environments, networks, end points, consumers, and small & medium businesses. Its cloud and virtualization security products provide cloud security for customers of VMware, Amazon AWS, Microsoft Azure, Oracle and vCloud Air.

The Trojan works by downloading and launching files from the Internet on the infected machine. The trojan is rated as a medium risk.^[1]

Related Research Articles

Miniclip is a free online games website. It was launched in 2001 and is known for having a large and varied collection of games. It is the world's largest privately owned online gaming website. It was started in 2001 by Robert Small and Tihan Presbie on a budget of £40,000 and quickly grew. As of 2008, the company has been valued at over £900 million, having been profitable for six of its first seven years, with turnovers exceeding £20 million from 2006–2008 alone.

A dropper is a kind of Trojan that has been designed to "install" some sort of malware to a target system. The malware code can be contained within the dropper (single-stage) in such a way as to avoid detection by virus scanners or the dropper may download the malware to the target machine once activated.

PGPCoder or GPCode is a trojan that encrypts files on the infected computer and then asks for a ransom in order to release these files, a type of behavior dubbed ransomware or cryptovirology.

Cryptovirology is a field that studies how to use cryptography to design powerful malicious software. The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware whereas the attacker sees the public key contained in the malware as well as the corresponding private key since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo.

Trojan.Emcodec.E is a trojan horse that is mis-represented as an audio and video codec for Windows-based PCs. It exists in various variants with names such as Media Codec, Ecodec, Imediacodec, IntCodec, Pcodec, SVideocodec, Video iCodec, QualityCodec, Vcodec, Zip Codec, zCodec, ZCODEC and began to be widely used in spring 2005.

RavMonE, also known as RJump, is a Trojan that opens a backdoor on computers running Microsoft Windows. Once a computer is infected, the virus allows unauthorized users to gain access to the computer's contents. This poses a security risk for the infected machine's user, as the attacker can steal personal information, and use the computer as an access point into an internal network.

The Storm Worm is a backdoor Trojan horse that affects computers using Microsoft operating systems, discovered on January 17, 2007. The worm is also known as:

Orbit Downloader is a download manager for Microsoft Windows. In 2013, Orbit Downloader was classified as malware by antivirus software after ESET discovered a botnet in the application.

Srizbi BotNet, considered one of the world's largest botnets, and responsible for sending out more than half of all the spam being sent by all the major botnets combined. The botnets consist of computers infected by the Srizbi trojan, which sent spam on command. Srizbi suffered a massive setback in November 2008 when hosting provider Janka Cartel was taken down; global spam volumes reduced up to 93% as a result of this action.

AWF is a malicious Trojan downloader affecting the Microsoft Windows operating system.

Gumblar is a malicious JavaScript trojan horse file that redirects a user's Google searches, and then installs rogue security software. Also known as Troj/JSRedir-R this botnet first appeared in 2009.

Freemake Video Downloader is a crippleware download manager for Microsoft Windows, developed by Ellora Assets Corporation. It is a proprietary software that can download online video and audio. Both HTTP and HTTPS protocols are supported. Users must purchase a premium upgrade to remove Freemake branding on videos and unlock the ability to download media longer than 3 minutes in length.

Sality is the classification for a family of malicious software (malware), which infects files on Microsoft Windows systems. Sality was first discovered in 2003 and has advanced over the years to become a dynamic, enduring and full-featured form of malicious code. Systems infected with Sality may communicate over a peer-to-peer (P2P) network for the purpose of relaying spam, proxying of communications, exfiltrating sensitive data, compromising web servers and/or coordinating distributed computing tasks for the purpose of processing intensive tasks. Since 2010, certain variants of Sality have also incorporated the use of rootkit functions as part of an ongoing evolution of the malware family. Because of its continued development and capabilities, Sality is considered to be one of the most complex and formidable forms of malware to date.

Justin Ritter, better known by his stage name SwizZz, is an American rapper. He is best known for significantly collaborating with childhood friend Hopsin, and being signed to their record label Funk Volume, which was founded by Hopsin, himself, and his older brother Damien "Dame" Ritter. He has released various mixtapes including Haywire with Hopsin, and Good Morning SwizZzle. He is currently working on his untitled debut studio album.

Trojan:Win32/Meredrop is the definition of a Trojan downloader, Trojan dropper, or Trojan spy. Its first known detection goes back to February, 2010, according to Securelist.

A Trojan:Win32/Agent is the definition of a Trojan downloader, Trojan dropper, or Trojan spy. Its first known detection goes back to January 2008, according to Microsoft Malware Protection Center.

Trojan.Win32.FireHooker or Trojan:Win32/FireHooker is the definition of a Trojan downloader, Trojan dropper, or Trojan spy created for the Windows platform. Its first known detection goes back to September, 2015, according to the AVV Trend Micro.

A Trojan.WinLNK.Agent is the definition from Kaspersky Labs of a Trojan downloader, Trojan dropper, or Trojan spy.

HackTool.Win32.HackAV or not-a-virus:Keygen is the definition from Kaspersky Labs for a program designed to assist hacking. These programs often contain the signatures of potential malware, that is not dangerous by itself, but can interfere with the work on a PC, or can be used by a hacker to get some personal information from a user's computer.

Trojan.Win32.DNSChanger is the definition of multiple AV-Labs, of a (backdoor) Trojan. Due to McAfee Labs, this Malware variant was detected on April 19, 2009, though Microsoft Malware Protection Center knew about this threat since December 8, 2006.

References

↑ "Submission Summary". ThreatExpert. 2009-04-10. Archived from the original on 2012-02-17. Retrieved 2009-04-19.

This malware-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Submission Summary". ThreatExpert. 2009-04-10. Archived from the original on 2012-02-17. Retrieved 2009-04-19.