SecurityHome.eu Trojan.Dropper.Cutwail.D

Home / malware PDF

Trojan.Dropper.Cutwail.D

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Dropper.Cutwail.D is also known as VirTool:WinNT/Cutwail.F, (OneCare.
Explanation :
This malware drops the following files
%SYSDIR%WLCtrl32.dll
%SYSDIR%drivers<random_name>.sys
It modifies the registry in order to enable its automatic excution after every system reboot the execution is enabled also in Safe Mode) and registers itself as a service.
After executing the dropper deletes itself.
The driver has WLCtrl32.dll inside its resource section and it restores it and/or the registry entries if removed.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20