SecurityHome.eu Trojan.Spy.Webmoner.CE

Home / malware PDF

Trojan.Spy.Webmoner.CE

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Spy.Webmoner.CE is also known as Backdoor:Win32/Hupigon(OneCare.
Explanation :
-In order to outwit the user, the file ofen has an icon of an installer or of a well-known file type(e.g. Media Player files, IE files); also, it may have names like iexplorer or svchost, sometimes modified (svchust);
-It makes a copy in one of the Windows folders and creates a .BAT (Uninstal.bat, delete.bat) file to delete itself from its initial location; the copy will be started as a Windows service. The service description contains only the service name or dobious random characters.
-It tries to download an executable file from suspicious URLs such as lzw791227.vicp.net or hacklwr1986.3322.org
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20