SecurityHome.eu VirTool:Win32/Prolonc.A

Home / malware PDF

VirTool:Win32/Prolonc.A

First posted on 10 September 2010.
Source: SecurityHome
Aliases :
VirTool:Win32/Prolonc.A is also known as Trojan-Spy.Win32.Ardamax.fwr (Kaspersky), TR/Spy.Ardamax.fvc (Avira), Trojan-Spy.Win32.Ardamax (Ikarus).
Explanation :
VirTool:Win32/Prolonc.A is a detection for a malware component that starts another executable after a 5-minute delay has elapsed.
Top

VirTool:Win32/Prolonc.A is a detection for a malware component that starts another executable after a 5-minute delay has elapsed. When executed, VirTool:Win32/Prolonc.A looks for a file input in the command line. If it does find a file input, it waits for 5 minutes, then runs the input file. In the wild, this threat has been observed to be installed with the following malware:
Trojan:Win32/Emuni.A

Rogue:Win32/Rudoct

Analysis by Jireh Sanico
Last update 10 September 2010

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

VirTool:Win32/Prolonc.A