Home / malware Infostealer.Obator
First posted on 25 April 2015.
Source: SymantecAliases :
There are no other names known for Infostealer.Obator.
Explanation :
The Trojan may be downloaded through Downloader.Obator.
When the Trojan is executed, it searches through .doc and .docx files for the following keywords: ObamaCameronEuropaFidelNuclearSecretoCONFIDENCIALRusiaDisidentesExilio
If the Trojan finds any files with any of these keywords, it connects to the following remote location in order to upload the files: [https://]t2upiokua37wq2cx.tor2web.orgLast update 25 April 2015
