Home / malware Trojan.Dionisduke
First posted on 18 July 2015.
Source: SymantecAliases :
There are no other names known for Trojan.Dionisduke.
Explanation :
The Trojan arrives through spear-phishing emails.
When the Trojan is executed, it connects to one of the following remote locations: secure.hgl.com/external/4/player.swfextranet.qualityplanning.com/webscriptsecurity/view/4/player.swfwww.visionresearch.com/video/social/4/player.swfedadmin.kearsney.com/LeaveMan/unknown/4/loading.swf
The Trojan then downloads an .swf file with an encrypted executable payload.Last update 18 July 2015
