Home / malware TrojanDownloader:Win32/Pockershecv.A
First posted on 22 February 2017.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Pockershecv.A.
Explanation :
This threat is a Scheduled Task that runs an encoded Power Shell command.
When run, it downloads a Power Shell Script from the following domains:
- secureb.info
- unitdata.info
It then runs the downloaded script.
Analysis by Jody KooLast update 22 February 2017
