SecurityHome.eu TrojanDownloader:MSIL/Balamid.A

Home / malware PDF

TrojanDownloader:MSIL/Balamid.A

First posted on 29 March 2014.
Source: Microsoft
Aliases :
There are no other names known for TrojanDownloader:MSIL/Balamid.A.
Explanation :
Threat behavior

TrojanDownloader:MSIL/Balamid.A can download and run TrojanClicker:MSIL/Balamid.A and Trojan:MSIL/Balamid.A on your PC.

We have seen it connect to the following servers:

www.wintask64.com

www.wintask32.com

The downloaded malware is saved as:

%ProgramData% \lsm.exe (Trojan:MSIL/Balamid.A)

%ProgramData% \system.exe (TrojanClicker:MSIL/Balamid.A)

Analysis by Zhitao Zhou

Symptoms

The following could indicate that you have this threat on your PC:

You have these files:

%ProgramData%\lsm.exe
%ProgramData%\system.exe

Last update 29 March 2014

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

TrojanDownloader:MSIL/Balamid.A