SecurityHome.eu Worm:Win32/Dodinsom!rfn

Home / malware PDF

Worm:Win32/Dodinsom!rfn

First posted on 01 June 2016.
Source: Microsoft
Aliases :
There are no other names known for Worm:Win32/Dodinsom!rfn.
Explanation :
Installation
This threat can create files on your PC, including:

%SystemRoot%\winlogon.exe

The malware uses code injection to make it harder to detect and remove. It can inject code into running processes.

Payload

Connects to a remote host

Malware can connect to a remote host to do any of the following:

Check for an Internet connection

Download and run files (including updates or other malware)

Report a new infection to its author

Receive configuration or other data

Receive instructions from a malicious hacker

Search for your PC location

Upload information taken from your PC

Validate a digital certificate

This malware description was published using automated analysis of file SHA1 1c8521b126e9dd8bd285351a9f38de5138466d19.
Last update 01 June 2016

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20