Home / malware TrojanDownloader:Win32/Adload.DC
First posted on 02 November 2011.
Source: SecurityHomeAliases :
TrojanDownloader:Win32/Adload.DC is also known as Win32/TrojanDownloader.Adload.NIP trojan (ESET), Trojan-Downloader.Win32.Adload (Ikarus).
Explanation :
TrojanDownloader:Win32/Adload.DC is a trojan that may connect to specific websites to download components that may generate pop-up advertisements.
Top
TrojanDownloader:Win32/Adload.DC is a trojan that may connect to specific websites to download components that may generate pop-up advertisements.
Installation
TrojanDownloader:Win32/Adload.DC may be dropped by other malware; at the time of writing, further details were not available.
Payload
Contacts remote hosts
In the wild, TrojanDownloader:Win32/Adload.DC has been observed connecting to the following website to download additional files:
ads.eorezo <dot>com/ cgi-bin/ advert/ getads<id>
Downloaded files are then saved into the Temporary Internet Files folder of the current user.
These files may be HTML pages, script or image components for advertisements.
Analysis by Zarestel Ferrer
Last update 02 November 2011
