SecurityHome.eu Trojan.Asprox.B

Home / malware PDF

Trojan.Asprox.B

First posted on 05 April 2014.
Source: Symantec
Aliases :
There are no other names known for Trojan.Asprox.B.
Explanation :
The Trojan may arrive on the compromised computer as an email attachment.

Once executed, the Trojan copies itself to the following location:
%UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe

The Trojan creates the following registry entry so that it runs every time Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[RANDOM CHARACTERS]" = "%UserProfile%\Application Data\[RANDOM CHARACTERS FILE NAME].exe"

Next, the Trojan downloads and executes malicious files on the compromised computer.

The Trojan may then perform other malicious activities on the compromised computer.
Last update 05 April 2014

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan.Asprox.B
Trojan.Asprox.B!gm
Trojan.Asprox.B!gen1