
Trojan-Spy:W32/Papras.gen!A


First posted on 20 April 2010.
Source: SecurityHome

Aliases :

Trojan-Spy:W32/Papras.gen!A is also known as TrojanSpy:Win32/Ursnif.gen!I (Microsoft), Backdoor.Trojan (Symantec).

Explanation :

A trojan that secretly installs spy programs, such as keyloggers.

Additional Details

Trojan-Spy:W32/Papras.gen!A is the Generic Detection for a program that steals sensitive information, particularly details relating to online banking accounts.

The program has been observed to create the following files:

• %internetcache%\desktop.ini
• %localsettings%\History\desktop.ini
• %cookies%\index.dat

It also reads from the memory of rundll32.exe processes.

About Generic Detections

Unlike signature or single-file detections, a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file is potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds, of malicious programs.

Last update 20 April 2010

 
