SecurityHome.eu TrojanDownloader:Win32/Pyza.A

Home / malware PDF

TrojanDownloader:Win32/Pyza.A

First posted on 10 September 2010.
Source: SecurityHome
Aliases :
TrojanDownloader:Win32/Pyza.A is also known as Trojan-Downloader.Win32.NSIS.ep (Kaspersky), DR/Dldr.NSIS.EP.18 (Avira), Trojan-Downloader.Win32.NSIS (Ikarus).
Explanation :
TrojanDownloader:Win32/Pyza.A is a trojan that downloads a file from a remote server.
Top

TrojanDownloader:Win32/Pyza.A is a trojan that downloads a file from a remote server. Installation TrojanDownloader:Win32/Pyza.A creates the following non-malicious files on an affected computer:
%temp%\hash.exe

%temp%\system.dll

%temp%\inetc.dll
Payload Downloads file TrojanDownloader:Win32/Pyza.A connects to the following remote server using port 80 without the user's knowledge: ppzy.com It downloads a file from this server, which it saves as the following: %temp%\temp_9.exe At the time of analysis, the remote server was unavailable.

Analysis by Marianne Mallen
Last update 10 September 2010

TOP

Malware :

Last 20

Family:

TrojanDownloader:Win32/Pyza.A