Trojan.Retapu.D
First posted on 21 November 2011.
Source: BitDefender
Aliases:
Trojan.Retapu.D is also known as Trojan.Downloader.Small.AACD, Trojan-Downloader.Win32.Small.eqn, Trojan:Win32/Anomaly.gen!A.
Explanation:
Trojan.Retapu.D is a downloader: its task is to download additional pieces of malware from the internet and run them on the infected computer.
It downloads this file:
http://XXX.a.wrs.mcboo.com/retadpu.exe
and executes it after downloading. After this step is completed, Trojan.Retapu.D exits.
The newly downloaded file is copied into the %windir% folder and added to a startup key so that it runs every time Windows starts. It is also a downloader, but it behaves like an updater: it regularly transfers additional components of the Retapu family to the infected computer (to keep them at their latest 'versions').
Last update 21 November 2011