Home / malwarePDF  

TrojanDownloader:Win32/Spallsade.A


First posted on 18 August 2012.
Source: Microsoft

Aliases :

There are no other names known for TrojanDownloader:Win32/Spallsade.A.

Explanation :



TrojanDownloader:Win32/Spallsade.A is a trojan that downloads arbitrary files from the Internet onto your computer; these arbitrary files may be detected as malware.



Installation

TrojanDownloader:Win32/Spallsade.A is dropped by TrojanDropper:Win32/Spallsade.A to the %TEMP% folder using a random file name.



Payload

Downloads and runs arbitrary files

The trojan downloads and runs arbitrary files, which may be malicious, from the following:

www<dot>sendspace<dot>com/pro/dl/<removed>lwn2g5

Displays a message

TrojanDownloader:Win32/Spallsade.A may display the following message once it has been run:

"An undefined error has occurred - <random number>"

Additional information

We have observed TrojanDownloader:Win32/Spallsade.A employing anti-debugging techniques in an effort to hinder analysis.



Analysis by Zarestel Ferrer

Last update 18 August 2012

 

TOP