Home / malwarePDF  

PWS:Win32/Hoardy


First posted on 18 November 2016.
Source: Microsoft

Aliases :

There are no other names known for PWS:Win32/Hoardy.

Explanation :

Installation
This threat can create files on your PC, including:

  • %TEMP%\csrssc.exe


It modifies the registry so that it runs each time you start your PC. For example:

In subkey: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Sets value: "infme"
With data: ""%TEMP%\wmiprvse.exe""

Payload

Steals your sensitive information

This threat can steal your sensitive information, such as your user names and passwords for:
  • Email or social media websites
  • Banking websites
  • Online games


This malware description was published using automated analysis of file SHA1 64fcbd0e11d0f32b5362d0428c858ee09ca49aaa.

Last update 18 November 2016

 

TOP