Home / malware TrojanDownloader:Win32/Zawwi.A
First posted on 12 October 2015.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Zawwi.A.
Explanation :
Threat behavior
Installation
This threat can create files on your PC, including:
- %TEMP%\ytmp\t14835.bat
- %TEMP%\ytmp\t14888.exe
Payload
Downloads malware or unwanted software
This threat can download other malware and unwanted software onto your PC, including VirTool:MSIL/Injector.GR.
We have seen it connect to the following remote host:
- 89.45.
.200
The downloaded file is saved and run from %TEMP%/lol.exe.
This malware description was published using automated analysis of file SHA1 8a4148ca107d60e0f430004b599b2ce1f94717ee.
Symptoms
The following can indicate that you have this threat on your PC:
- You see a file similar to:
- %TEMP%\ytmp\t14835.bat
- %TEMP%\ytmp\t14888.exe
Last update 12 October 2015
