
TrojanDownloader:VBS/Schopets


First posted on 30 September 2017.
Source: Microsoft

Aliases :

There are no other names known for TrojanDownloader:VBS/Schopets.

Explanation :

This trojan downloader is a VBScript that downloads and runs other malware, including Ransom:Win32/Locky. To download malware, this threat connects to several URLs, including:

  • hXXp://babyemozioni[dot]it/KJSkjdhf
  • hXXp://tertrodefordown[dot]info/af/YTkjdJH7w1
  • hXXp://baptistown-nj[dot]com/KJSkjdhf

It stores downloaded ransomware as %APPDATA%\Local\Temp\.exe

This description is based on our analysis of the following sample:

SHA1: 5f3903d6296744dcc19e2590dec1eb3fd6598c7f

Last update 30 September 2017

 
