SecurityHome.eu Trojan.Spy.Wsnpoem.HA

Home / malware PDF

Trojan.Spy.Wsnpoem.HA

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Trojan.Spy.Wsnpoem.HA.
Explanation :
At execution this malware is a trojan that copies itself in %WINDIR%system32
tos.exe (or C:Documents and settings\%username%Application Data) and he will create a registry key in order to make sure it will be executed after every reboot.
He will inject in svchost.exe and winlogon.exe and he can provide backdoor and proxy server capabilities.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20