Home / malware TrojanDownloader:VBS/Donvibs
First posted on 15 June 2016.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:VBS/Donvibs.
Explanation :
Installation
This threat is a malware downloader that is often distributed as an attachment to spam mails. It can download and run other malware families into your PC without consent.
Upon execution, this threat downloads files to your PC, which can have the name:
- %appdata%\{random} (example: "2828")
- %appdata% \{random}.tmp (example: "282831.tmp")
Payload
Downloads malware or unwanted software
This threat can download other malware and unwanted software onto your PC. We have seen it download the following threats:
- Ransom:Win32/Cerber
An example of a URL it downloads from is:
- http://94.102.63.7/subid3.jpg?DKC=25
Analysis by Alden PornasdoroLast update 15 June 2016