
Trojan.Ascesso.C


First posted on 05 August 2014.
Source: Symantec

Aliases :

There are no other names known for Trojan.Ascesso.C.

Explanation :

The Trojan may arrive through spam emails or may be dropped by the Nuclear Exploit Kit.

When the Trojan is executed, it creates the following files:
C:\Documents and Settings\[USER NAME]\[RANDOM NAME].exe
%Temp%\[RANDOM NUMBER][RANDOM NUMBER][RANDOM NUMBER][RANDOM NUMBER].bat
The Trojan creates the following registry entry so that it runs every time Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"MSConfig" = "C:\Documents and Settings\[USER NAME]\[RANDOM NAME].exe"
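
A check for the Run-key persistence described above, added here as an example and not part of the Symantec write-up: it parses captured `reg query` output and flags a value named MSConfig only when its program is an .exe directly in a user profile root. The function names, the sample output and the C:\Users profile variant are assumptions.

```python
import re

# One value line of `reg query` text output: name, type, data, each separated by 4 spaces.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

# An .exe directly in a user profile root, as in the write-up. The "Users"
# alternative (profile layout on Vista and later) is an assumption.
PROFILE_ROOT_EXE = re.compile(
    r"^[a-z]:\\(?:documents and settings|users)\\[^\\]+\\[^\\]+\.exe$", re.IGNORECASE)

def parse_run_values(reg_query_output):
    """Yield (name, data) for every value line in the captured output."""
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            yield m.group("name"), m.group("data").strip()

def executable_path(data):
    """Return the program path of a Run value without quotes or arguments."""
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.*?\.exe)\b", data, re.IGNORECASE)
    return m.group(1) if m else data

def find_ascesso_run_entries(reg_query_output):
    """Return (name, path) pairs matching both the value name and the location."""
    return [(name, path)
            for name, path in ((n, executable_path(d))
                               for n, d in parse_run_values(reg_query_output))
            if name.lower() == "msconfig" and PROFILE_ROOT_EXE.match(path)]

# Constructed sample output (not taken from a real host).
INFECTED = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    MSConfig    REG_SZ    "C:\Documents and Settings\alice\kqzvbn.exe"
"""
# Constructed: same value name, but the program is not in a profile root.
CLEAN = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    MSConfig    REG_SZ    C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe /auto
    Updater    REG_SZ    C:\Documents and Settings\alice\Local Settings\Temp\u.exe
"""

if __name__ == "__main__":
    print(find_ascesso_run_entries(INFECTED))
    print(find_ascesso_run_entries(CLEAN))
```

The value name alone is not treated as a match, so a Run entry called MSConfig that points outside a profile root is left unflagged.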

The Trojan may perform the following actions:
Inject malicious code into the svchost.exe process to hide itself on the compromised computer
Connect to 123.45.67.89 to download additional files or updates
Send spam emails

Last update 05 August 2014

 
