Home / malware TrojanDownloader:Win32/Banload.AYM
First posted on 07 October 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Banload.AYM.
Explanation :
Threat behavior
Installation
TrojanDownloader:Win32/Banload.AYM creates the following files on your PC:
- c:\documents and settings\administrator\local settings\temp\nvsdrv.zip
Payload
Contacts remote host
TrojanDownloader:Win32/Banload.AYM might contact a remote host at www.xdvision.sk using port 80. Commonly, malware does this to:This malware description was produced and published using automated analysis of file SHA1 7b525bf47ceee793435ffc7117eead8bdbd54084.Symptoms
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
System changes
The following could indicate that you have this threat on your PC:
- You have these files:
c:\documents and settings\administrator\local settings\temp\nvsdrv.zipLast update 07 October 2014
