SecurityHome.eu Trojan-Downloader:W32/Agent.HPS

Home / malware PDF

Trojan-Downloader:W32/Agent.HPS

First posted on 24 September 2008.
Source: SecurityHome
Aliases :
There are no other names known for Trojan-Downloader:W32/Agent.HPS.
Explanation :
Trojan-downloaders attempt to download and install new malware, spyware, or adware on the targeted computer. No graphical user interface can be seen; it will run in the background.

right]This file will copy itself to:

system32
s32net.exe

It creates a process as svchost.exe.

It sets a launch point with the following registry key:

Key: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
Value: rs32net
Data: system32
s32net.exe

Agent.HPS attempts to download files from these IP addresses:

91.203.92.7

208.66.195.16

208.66.195.71

208.66.195.232

208.66.195.240

216.195.55.50

216.195.56.22

209.66.122.238

Last update 24 September 2008

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:W32/Qhost.JE
Exploit.JS.Agent.F
Trojan-Downloader:HTML/Agent.DY
Trojan-Downloader:HTML/Agent.DY
Trojan-Downloader:HTML/Agent.DY
Trojan.Downloader.JS.Agent.PB
Trojan.Cidox!kmem
Trojan.Ransomlock!g75
Trojan.Klovbot!gen2
Trojan.Poweliks!gm