Home / malware Trojan:W32/PasswordsPro
First posted on 11 April 2009.
Source: SecurityHomeAliases :
There are no other names known for Trojan:W32/PasswordsPro.
Explanation :
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Additional DetailsThis is the family description for the Trojan:W32/PasswordsPro trojan family.
Variants in the PasswordsPro trojan family disguise themselves as password cracker programs. While active, the program silently drops payloads that may consist of additional malware.
Installation
When executed, the trojan will drop the following files:
• %temp%setuphelper.exe
• %temp%setup.exe - This is a copy of the malware.
The setuphelper.exe file is a working, clean password cracker program. In addition, numerous additional files, using almost the same name but with differing numbers, will be created. These additional files are malware.
Note that the directory that the dropping occurs to may vary from %temp%.
Activity
Additional malicious behavior depends on the specific payloads of the dropped malware.Last update 11 April 2009
