SecurityHome.eu Trojan.Tuferkan

Home / malware PDF

Trojan.Tuferkan

First posted on 16 December 2014.
Source: Symantec
Aliases :
There are no other names known for Trojan.Tuferkan.
Explanation :
The Trojan may arrive through phishing emails with malicious attachments.

When the Trojan is executed, it creates the following file: %Temp%\[RANDOM NUMBERS].tmp
The Trojan then creates the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{F399279F-BEFC-3D38-232B-478D07F11293}
The Trojan then sends the name of the compromised computer and a list of installed applications to the following remote locations: 203.172.141.250194.146.136.174.208.11.20484.92.26.505.187.1.78209.208.62.36
The Trojan then opens a back door on the compromised computer, allowing the remote attacker to install additional malware.
Last update 16 December 2014

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:W32/Qhost.JE
Trojan-Downloader:HTML/Agent.DY
Trojan.Cidox!kmem
Trojan.Ransomlock!g75
Trojan.Klovbot!gen2
Trojan.Poweliks!gm
Trojan.Shylock!gen9
Trojan-Dropper:W32/Agent.CMW
Trojan-Downloader:W32/Agent.TPF
Trojan:SymbOS/Bootton.I