Home / malware TrojanSpy:Win32/Banload.ZEK
First posted on 07 October 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanSpy:Win32/Banload.ZEK.
Explanation :
Threat behavior
Installation
TrojanSpy:Win32/Banload.ZEK creates the following files on your PC:
- c:\documents and settings\administrator\local settings\application data\google\chrome\user data\local state
Payload
Contacts remote host
TrojanSpy:Win32/Banload.ZEK might contact a remote host at www.netneja.com.br using port 80. Commonly, malware does this to:
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
This malware description was produced and published using automated analysis of file SHA1 0dce10507dcad9c2f3df7375c952c3f489b0db44.Symptoms
System changes
The following could indicate that you have this threat on your PC:
c:\documents and settings\administrator\local settings\application data\google\chrome\user data\local state
- You have these files:
Last update 07 October 2014
