SecurityHome.eu TrojanDownloader:Win32/Banserogu.C

Home / malware PDF

TrojanDownloader:Win32/Banserogu.C

First posted on 02 October 2014.
Source: Microsoft
Aliases :
There are no other names known for TrojanDownloader:Win32/Banserogu.C.
Explanation :
Threat behavior

Installation

TrojanDownloader:Win32/Banserogu.C copies itself to c:\programdata\adobeacrobat\wimplayer.exe.

Payload

Contacts remote host

TrojanDownloader:Win32/Banserogu.C might contact a remote host at carloseduardo2014.websiteseguro.com using port 443. Commonly, malware does this to:

Report a new infection to its author

Receive configuration or other data

Download and run files, including updates or other malware

Receive instructions from a remote hacker

Upload data taken from your PC

This malware description was produced and published using automated analysis of file SHA1 9d845a6087cc09771a208c2b83887ed6f4e17f91.Symptoms

System changes

The following could indicate that you have this threat on your PC:

You have these files:

c:\programdata\adobeacrobat\wimplayer.exe

Last update 02 October 2014

TOP

Malware :

Last 20

TrojanDownloader:Win32/Banserogu.C

Aliases :

Explanation :

Malware :

Family: