
TrojanClicker:MSIL/Balamid.A


First posted on 29 March 2014.
Source: Microsoft

Aliases :

There are no other names known for TrojanClicker:MSIL/Balamid.A.

Explanation :

Threat behavior

Installation

This threat is downloaded by TrojanDownloader:MSIL/Balamid.A to %ProgramData%\system.exe.

Payload

TrojanClicker:MSIL/Balamid.A connects to a number of websites without your knowledge. It does this to automatically click on advertisements and make them appear more popular than they are.

We've seen this threat connect to the following clean websites:

  • www.facebook.com
  • www.haberedikkat.com
  • www.onlinefilmizlevk.com
  • www.saykar.net
  • www.unimetre.com




Analysis by Zhitao Zhou

Symptoms

The following could indicate that you have this threat on your PC:

  • You have these files:

    %ProgramData%\lsm.exe
    %ProgramData%\system.exe

Last update 29 March 2014

 
