Home / malware Trojan.Stepnet
First posted on 02 December 2015.
Source: SymantecAliases :
There are no other names known for Trojan.Stepnet.
Explanation :
The Trojan may arrive on the compromised computer after being manually installed.
When the Trojan is executed, it creates the following files:
%Temp%\~winword.vbs%AppData%\PDAppflex\WINWORD.EXE
The Trojan creates the following registry entry:HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/"BluetoothTray" = "%Temp%\~winword.vbs"
The Trojan opens a back door to a remote location, and may perform malicious activities on the compromised computer.Last update 02 December 2015
