
Trojan:Win32/Conhook.D


First posted on 24 April 2020.
Source: Microsoft

Aliases :

Trojan:Win32/Conhook.D is also known as Trojan-Downloader.Win32.Tiny.id, Generic Downloader.z, W32/Tiny.AHW, Trojan.Vundo.

Explanation :

Trojan:Win32/Conhook.D attempts to download content from a remote Web site. Trojan:Win32/Conhook.D injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.

When Trojan:Win32/Conhook.D is run, it performs the following actions:

Modifies the following registry entries:
Set "(default)" = "4877f10167414601835343328a816dfa"
In subkey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\CAC
Set "ProxyBypass" = "1"
In subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

Connects to a remote Web site to download content using a server-side script.
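
A defender-side check for the two registry values listed above, as an added example (not Microsoft's detection logic and not part of the original entry). It assumes PowerShell on the Windows host being examined; the function name Test-ConhookRegistry and the verdict labels are hypothetical, and ProxyBypass is reported only as context because that value can also be 1 on clean systems.

```powershell
# Added example: per-user check for the registry values listed in the write-up.
# Test-ConhookRegistry and the Verdict labels are hypothetical names.
$CacDefault = '4877f10167414601835343328a816dfa'   # "(default)" value from the page
$CacSubKey  = 'SOFTWARE\Microsoft\CAC'
$ZoneSubKey = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap'

function Test-ConhookRegistry {
    param([Parameter(Mandatory)][string]$HiveRoot)  # e.g. Registry::HKEY_USERS\<SID>

    $cac  = Get-Item -LiteralPath "$HiveRoot\$CacSubKey"  -ErrorAction SilentlyContinue
    $zone = Get-Item -LiteralPath "$HiveRoot\$ZoneSubKey" -ErrorAction SilentlyContinue

    # GetValue('') reads the key's unnamed "(default)" value.
    $cacValue = if ($cac)  { $cac.GetValue('') }
    $bypass   = if ($zone) { $zone.GetValue('ProxyBypass') }

    if ($cacValue -eq $CacDefault) {
        $verdict = 'Match'        # key and value both as described on the page
    } elseif ($cac) {
        $verdict = 'Review'       # key exists, value differs from the page
    } else {
        $verdict = 'NotFound'
    }

    [pscustomobject]@{
        Hive        = $HiveRoot
        CacKey      = [bool]$cac
        CacDefault  = $cacValue
        ProxyBypass = $bypass     # context only, not used for the verdict
        Verdict     = $verdict
    }
}

# HKEY_CURRENT_USER only covers the caller, so walk every loaded user hive.
Get-ChildItem -LiteralPath 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { Test-ConhookRegistry -HiveRoot "Registry::$($_.Name)" } |
    Format-Table -AutoSize
```

Only hives currently loaded under HKEY_USERS are inspected, so run it elevated while the accounts of interest are logged on.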

Last update 24 April 2020

 
