SecurityHome.eu Trojan:Win32/Tibs.gen!lds

Home / malware PDF

Trojan:Win32/Tibs.gen!lds

First posted on 10 February 2020.
Source: Microsoft
Aliases :
Trojan:Win32/Tibs.gen!lds is also known as Trojan-Downloader.Win32.Agent.kwo, BACKDOOR.Trojan, WORM_NUCRP.GEN.
Explanation :
Trojan:Win32/Tibs.gen!lds is generic detection for a component of Win32/Tibs. This trojan downloads and executes malware from predefined Web sites. InstallationWhen Win32/Tibs.gen!lds is run, it may drop a copy of itself as the following file:cbevtsvc.exe The trojan may modify the registry to execute its copy at each Windows start as a service. When the trojan is executed, it is run with a parameter as in this example:%SystemRoot%System32CbEvtSvc.exe -k netsvcs The trojan may add other registry values associated with this trojan.Adds value: "Opt"With data: ""To subkey: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesCbEvtSvc PayloadWin32/Tibs.gen!lds may download and run other malware from predefined Web sites.
Last update 10 February 2020

TOP

Malware :

Last 20

Trojan:Win32/Tibs.gen!lds

Aliases :

Explanation :

Malware :

Family: