Home / malware TrojanDownloader:Win32/Qanif.A
First posted on 13 November 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Qanif.A.
Explanation :
Threat behavior
Installation
TrojanDownloader:Win32/Qanif.A creates the following files on your PC:
- c:\documents and settings\administrator\local settings\application data\system3.txt
Payload
Contacts remote host
TrojanDownloader:Win32/Qanif.A might contact a remote host at 187.108.195.90 using port 80. Commonly, malware does this to:
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
This malware description was produced and published using automated analysis of file SHA1 f403973635769328ccf61033fba0f70cc1d76d24.Symptoms
System changes
The following could indicate that you have this threat on your PC:
- You have these files:
c:\documents and settings\administrator\local settings\application data\system3.txtLast update 13 November 2014
