Home / malware Trojan:Win32/Swrort.A
First posted on 26 September 2019.
Source: MicrosoftAliases :
Trojan:Win32/Swrort.A is also known as W32/Rozena.A.gen!Eldorado, W32/Swrort.A, Win32/Swrort.A!generic, Win32/Rozena.AA, Trojan.Win32.Rozena, Swrort.a, Mal/Swrort-A, Trojan.Win32.Swrort.A.
Explanation :
Trojan:Win32/Swrort.A is a detection for files that try to connect to a remote server. Once connected, an attacker can perform malicious routines such as downloading other files.
They can be installed from a malicious site or used as payloads of exploit files.
Once executed, Trojan:Win32/Swrort.A may connect to a remote server using different port numbers. Once connected, an attacker can perform malicious routines such as downloading other malware and executing them.
We have seen this threat connect to the following servers:
Analysis by Elda Dimakiling
202.54.98.156 via TCP port 4444 10.10.10.31 via TCP port 443 188.50.82.246 via TCP port 1234Last update 26 September 2019
