
Virus:Win32/Bamital.C


First posted on 30 August 2010.
Source: SecurityHome

Aliases :

There are no other names known for Virus:Win32/Bamital.C.

Explanation :

Virus:Win32/Bamital.C is the detection for the files "explorer.exe" and "winlogon.exe" when they are infected. The infection is caused by TrojanDropper:Win32/Bamital.C.

Virus:Win32/Bamital.C is an infection of "explorer.exe" and "winlogon.exe" caused by TrojanDropper:Win32/Bamital.C. The infection is used to load a data file, "<system folder>\hlp.dat", which contains the bulk of the Bamital payload. This file is detected as Trojan:Win32/Bamital.C.

Note: The virus saves the original copies of "explorer.exe" and "winlogon.exe" to "%windir%\temp" as "explorer.dat" and "winlogon.dat" respectively.

Analysis by Matt McCormack

Last update 30 August 2010

 
