Trojan:Win32/Mediyes.B
First posted on 24 March 2012.
Source: Microsoft
Aliases:
Trojan:Win32/Mediyes.B is also known as Trojan.Mediyes!BKJRFHzFDHM (VirusBuster), TR/Mediyes.B.18 (Avira), Win32/Mediyes.D trojan (ESET), Trojan.Win32.Mediyes (Ikarus), Trojan.Win32.Mediyes.ag (Kaspersky), Troj/Mediys-Gen (Sophos).
Explanation:
Trojan:Win32/Mediyes.B is the DLL component of the Mediyes family, a multi-component family that steals account information for online payment systems.
Installation
Trojan:Win32/Mediyes.B may be dropped and installed in the system by other members of the Mediyes family. Trojan:Win32/Mediyes.B is injected into browser processes such as the following:
- firefox.exe
- chrome.exe
- iexplore.exe
Payload
Connects to a remote server
Trojan:Win32/Mediyes.B may connect to a remote server to perform the following actions:
- get configuration file
- notify the server of a successful installation
- get additional information
Analysis by Elda Dimakiling
Last update 24 March 2012