
Trojan.Dropper.Delf.HS


First posted on 21 November 2011.
Source: BitDefender

Aliases:

Trojan.Dropper.Delf.HS is also known as Backdoor.Win32.IRCBot.acd, Trojan.MulDrop.7373, W32.SillyIRC, Backdoor:Win32/IRCbot.OP, W32/Backdoor.AZWJ.

Explanation:

This is a trojan that can drop malware and inject malicious code into legitimate processes.

The most widespread variant comes with an embedded IM worm, which is detected as Win32.Worm.Potos.A. It drops the worm as %system%\sysprinters.dll and then a copy of the whole package as %windir%\myalbum2007.zip.

The worm runs as a remote thread in explorer.exe. To infect other computers, it tries to trick users into downloading myalbum2007.zip by pretending that the archive contains pictures.
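The behaviour described above can be hunted for in endpoint telemetry. The following is an added example, not BitDefender's own code: it correlates the two dropped files with a remote thread created in explorer.exe by the same process. It assumes Sysmon-style event fields (EventID 11 FileCreate, EventID 8 CreateRemoteThread), that %system% is the System32 directory under %windir%, and a default Windows directory of C:\Windows; the sample events and process names are constructed.

```python
import ntpath

# File indicators from the description, relative to the Windows directory.
# Assumption: %system% is the System32 directory under %windir%.
DROPPED = {
    "system32\\sysprinters.dll": "dropped worm DLL",
    "myalbum2007.zip": "copy of the whole package",
}
INJECT = "remote thread in explorer.exe"

def classify_file(path, windir="C:\\Windows"):
    """Return the indicator label if path is one of the dropped files."""
    norm = ntpath.normcase(ntpath.normpath(path))
    root = ntpath.normcase(ntpath.normpath(windir)) + "\\"
    return DROPPED.get(norm[len(root):]) if norm.startswith(root) else None

def hunt(events, windir="C:\\Windows"):
    """Group indicators by source process; events use Sysmon-style fields
    (EventID 11 = FileCreate, 8 = CreateRemoteThread)."""
    seen = {}
    for ev in events:
        if ev["EventID"] == 11:
            label = classify_file(ev["TargetFilename"], windir)
            if label:
                seen.setdefault(ev["Image"].lower(), set()).add(label)
        elif ev["EventID"] == 8:
            if ntpath.basename(ev["TargetImage"]).lower() == "explorer.exe":
                seen.setdefault(ev["SourceImage"].lower(), set()).add(INJECT)
    report = {}
    for proc, found in seen.items():
        if found == {INJECT}:
            continue  # injection alone is too common to alert on
        report[proc] = ("high" if INJECT in found else "medium", sorted(found))
    return report

# Constructed sample events (not captured from a real infection).
SAMPLE = [
    {"EventID": 11, "Image": "C:\\Users\\a\\Desktop\\photo.exe",
     "TargetFilename": "C:\\WINDOWS\\System32\\SysPrinters.dll"},
    {"EventID": 11, "Image": "C:\\Users\\a\\Desktop\\photo.exe",
     "TargetFilename": "C:\\Windows\\myalbum2007.zip"},
    {"EventID": 8, "SourceImage": "C:\\Users\\a\\Desktop\\photo.exe",
     "TargetImage": "C:\\Windows\\explorer.exe"},
    {"EventID": 8, "SourceImage": "C:\\Tools\\shellext.exe",
     "TargetImage": "C:\\Windows\\explorer.exe"},
]

if __name__ == "__main__":
    print(hunt(SAMPLE))
```

A process that only wrote one of the files is reported as "medium"; one that also created a thread in explorer.exe is reported as "high".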

Last update 21 November 2011

 
