Glossary
TrendWatch
PE_PATCHEP.A
Overview
Solution
Technical Details

Malware type: File infector

Aliases: Trojan Horse(Symantec), W32/Liger-A(Sophos), Trojan.Win32.Patched.cx(Kaspersky), TR/Patched.AA.54(Avira), W32/PEPatcher.c(McAfee)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Low

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

PE_PATCHEP.A Behavior Diagram

Malware Overview

This file infector may be dropped by other malware. It is the Trend Micro detection for the modified copy of a legitimate file that contains an injected code.

Upon execution, this file infector uses a certain API to load and execute a .DLL file detected by Trend Micro as TROJ_AGENT.DGW.

As a result, malicious routines of the .DLL file are executed on the affected system.

For additional information about this threat, see:
Solution
Technical Details
Statistics

Description created: Jun. 11, 2008 12:04:13 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.