Home / malwarePDF  

TrojanSpy:Win32/Banker.APN


First posted on 06 January 2017.
Source: Microsoft

Aliases :

There are no other names known for TrojanSpy:Win32/Banker.APN.

Explanation :

Installation
This threat modifies the hosts files on your PC to redirect network traffic:

  • \drivers\etc\hosts


It modifies the registry so that it runs each time you start your PC:

In subkey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sets value: "Update"
With data: ""

Payload

Collects your sensitive information

This threat can collect sensitive information without your consent, including:
  • The keys you press
  • The applications you open
  • Your web browsing history
  • Your credit card information
  • Your user names and passwords


It can also imitate a legitimate website to lure you into revealing sensitive information.



This malware description was published using automated analysis of file SHA1 36f6aa5100d0f6b6c8e6018657d808d2f4de4fcd.

Last update 06 January 2017

 

TOP