
TrojanDropper:Win32/Rovnix.E


First posted on 22 December 2014.
Source: Microsoft

Aliases:

There are no other names known for TrojanDropper:Win32/Rovnix.E.

Explanation:

Threat behavior

Installation

This threat can be downloaded by other malware, including Win32/Zemot and Exploit:HTML/Pangimop.C.

It writes malicious code to certain disk sectors on the local hard drive of an infected machine.

It modifies the New Technology File System (NTFS) boot sector (detected as Virus:DOS/Rovnix.gen!A) to execute the written code. The machine will be rebooted after a successful installation.
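Because the persistence described above lives in the NTFS boot sector rather than in a file, one defensive check is to fingerprint the boot code of an acquired sector 0 and compare it with a hash recorded from a known-clean volume of the same Windows build. The following is an added example, not Microsoft's detection logic; the function names and the synthetic sectors are constructed for illustration, and it assumes the sector bytes were already read from a forensic image.

```python
import hashlib
import struct

SECTOR = 512
CODE_START, CODE_END = 0x54, 0x1FE   # bootstrap code region of sector 0, after the BPB

def parse_ntfs_boot_sector(sector: bytes) -> dict:
    """Validate sector 0 of an NTFS volume and fingerprint its bootstrap code."""
    if len(sector) < SECTOR:
        raise ValueError("need at least one 512-byte sector")
    if sector[3:11] != b"NTFS    ":
        raise ValueError("OEM ID is not NTFS")
    if sector[0x1FE:0x200] != b"\x55\xaa":
        raise ValueError("missing 0x55AA end-of-sector marker")
    (bytes_per_sector,) = struct.unpack_from("<H", sector, 0x0B)
    # The BPB (0x0B-0x53) differs per volume, so hash only the jump and the code.
    code = sector[0:3] + sector[CODE_START:CODE_END]
    return {
        "bytes_per_sector": bytes_per_sector,
        "jump": sector[0:3].hex(),
        "code_sha256": hashlib.sha256(code).hexdigest(),
    }

def compare_to_baseline(sector: bytes, baseline_sha256: str) -> bool:
    """Return True when the boot code matches the recorded known-good hash."""
    return parse_ntfs_boot_sector(sector)["code_sha256"] == baseline_sha256

def constructed_sector(code_fill: int) -> bytes:
    """Build a synthetic sector for the demo (constructed data, not a real boot sector)."""
    s = bytearray(SECTOR)
    s[0:3] = b"\xeb\x52\x90"                 # jump over the BPB
    s[3:11] = b"NTFS    "                    # OEM ID
    struct.pack_into("<H", s, 0x0B, 512)     # bytes per sector
    s[CODE_START:CODE_END] = bytes([code_fill]) * (CODE_END - CODE_START)
    s[0x1FE:0x200] = b"\x55\xaa"
    return bytes(s)

if __name__ == "__main__":
    clean = constructed_sector(0x90)
    baseline = parse_ntfs_boot_sector(clean)["code_sha256"]
    altered = constructed_sector(0xCC)
    print("clean matches baseline:  ", compare_to_baseline(clean, baseline))
    print("altered matches baseline:", compare_to_baseline(altered, baseline))
```

A mismatch only shows that the boot code differs from the baseline; it does not identify the cause, and the remaining sectors of the NTFS boot area can be hashed the same way.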

Payload

Installs other malware

Every time your PC starts, the modified NTFS boot sector will attempt to load the malicious code and run other malware on your PC.



Analysis by Chun Feng

Symptoms

Alerts from your security software might be the only symptom.

Last update 22 December 2014

 
