Home / malwarePDF  


First posted on 09 March 2018.
Source: Microsoft

Aliases :

There are no other names known for TrojanDownloader:Win32/Dofoil.X.

Explanation :


TrojanDownloader:Win32/Dofoil.X copies itself to c:\documents and settings\administrator\application data\a0d6a4.exe.


Contacts remote hosts
TrojanDownloader:Win32/Dofoil.X may contact the following remote hosts using port 80:

  • 0d09d0d2.dlaperylt.info
  • 288e5e75.dlaperylt.info
  • 8adddc90.dlaperylt.info
  • 8d411406.dlaperylt.info
  • a182eaa1.dlaperylt.info

Commonly, malware does this to:
  • Confirm Internet connectivity
  • Report a new infection to its author
  • Receive configuration or other data
  • Download and run files, including updates or other malware
  • Receive instructions from a remote hacker
  • Upload data taken from your PC
This malware description was produced and published using automated analysis of file SHA1 2985a046e0da803e9a393f08b15654619beaf9fe.

Last update 09 March 2018