Home / malware TrojanDownloader:Win32/Muzat.A
First posted on 13 November 2019.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Muzat.A.
Explanation :
TrojanDownloader:Win32/Muzat.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer. Installation TrojanDownloader:Win32/Muzat.A creates the following files on your computer:
%programfiles%wrapper_instinstall_service.xml %programfiles%wrapper_instinstall32.xml %programfiles%wrapper_instinstall64.xml %programfiles%wrapper_instinstallxp.xml %programfiles%wrapper_instservice.exe c:documents and settingsadministratorlocal settings emp
stf.tmpinetc.dll c:documents and settingsadministratorlocal settings emp
stf.tmp
sprocess.dll c:documents and settingsadministratorlocal settings emp
stf.tmpsystem.dll Payload Terminates processes TrojanDownloader:Win32/Muzat.A terminates the following processes should they be running on an affected computer:
explorer.exe
Contacts remote host The malware may contact a remote host at www.chatzum.com using port 80. Commonly, malware may contact a remote host for the following purposes: To report a new infection to its author To receive configuration or other data To download and execute arbitrary files (including updates or additional malware) To receive instruction from a remote attacker To upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 c43d334466308a12c00460624627c798b75ce772.Last update 13 November 2019
