Home / malware TrojanDownloader:Win32/Blaudowed.A
First posted on 02 June 2012.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Blaudowed.A.
Explanation :
TrojanDownloader:Win32/Blaudowed.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer. Installation TrojanDownloader:Win32/Blaudowed.A creates the following files on an affected computer:Payload Contacts remote hosts TrojanDownloader:Win32/Blaudowed.A may contact the following remote hosts using port 80:
- c:\documents and settings\administrator\local settings\temp\cqobw.7z
- c:\documents and settings\administrator\local settings\temp\deubqisl.exe
- c:\documents and settings\administrator\local settings\temp\dzqf.exe
- c:\documents and settings\administrator\local settings\temp\nst8.tmp
- c:\documents and settings\administrator\local settings\temp\windowsupdate.exe - detected as TrojanDownloader:Win32/Blaudupted.A
- c:\documents and settings\administrator\local settings\temp\xvidsetup.exe
- c:\documents and settings\administrator\local settings\temp\nsu9.tmp\execdos.dll
- install.cptncorn.com
- www.onlinecinema4all.com
Commonly, malware may contact a remote host for the following purposes:
- To confirm Internet connectivity
- To report a new infection to its author
- To receive configuration or other data
- To download and execute arbitrary files (including updates or additional malware)
- To receive instruction from a remote attacker
- To upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 da2e23a8e0d629acc891757a94b239208d8c4587.Last update 02 June 2012
