Home / malware PWS:Win32/Mujormel.D
First posted on 15 July 2014.
Source: MicrosoftAliases :
There are no other names known for PWS:Win32/Mujormel.D.
Explanation :
Threat behavior
Installation
PWS:Win32/Mujormel.D copies itself to c:\documents and settings\administrator\local settings\temp\wxteste.exe.
Payload
Contacts remote host
PWS:Win32/Mujormel.D might contact a remote host at smtps.uol.com.br using port 587. Commonly, malware does this to:This malware description was produced and published using automated analysis of file SHA1 1c2588f94ab91e48f1669f49b363f795760700f4.Symptoms
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
System changes
The following could indicate that you have this threat on your PC:
- You have these files:
c:\documents and settings\administrator\local settings\temp\wxteste.exeLast update 15 July 2014