Home / malware

PDF

Trojan:AutoIt/Startpage.G

First posted on 06 February 2012.
Source: Microsoft

Aliases :

Trojan:AutoIt/Startpage.G is also known as TROJ_EMBEDDED.AU (Trend Micro).

Explanation :

Trojan:AutoIt/Startpage.G is a trojan that poses as Internet Explorer. When run, it opens Internet Explorer to an unwanted webpage.


Top

Trojan:AutoIt/Startpage.G is a trojan that poses as Internet Explorer. When run, it opens Internet Explorer to an unwanted webpage.



Installation

Trojan:AutoIt/Startpage.G may be installed by other malware and may be present as a file named "mainie.exe", with a file icon that resembles Microsoft Internet Explorer:





Payload

Opens unwanted webpage
When run, Trojan:AutoIt/Startpage.G launches Internet Explorer to an unwanted web page, for example "2345.com" or another site.

Additional information

Trojan:AutoIt/Startpage.G functions as a wrapper for Internet Explorer by starting the web browser with a website domain as a parameter. The trojan does not modify the registry, which stores web browser settings such as the start page or home page settings.



Analysis by Hyun Choi

Last update 06 February 2012

 

TOP