Home / malware TrojanDownloader:Win32/Zemot.E
First posted on 08 July 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Zemot.E.
Explanation :
Threat behavior
Installation
TrojanDownloader:Win32/Zemot.E creates the following files on your PC:
- %windir%\assembly\nativeimages_v2.0.50727_32\temp\zapf.tmp\system.data.services.dll
Payload
Contacts remote hosts
TrojanDownloader:Win32/Zemot.E may contact the following remote hosts using port 443:
- 1.jsservices.org
- 2.jsservices.org
- 3.jsservices.org
Commonly, malware does this to:This malware description was produced and published using automated analysis of file SHA1 d39d34478180dcbad6103ec2b394e64f64007430.Symptoms
- Confirm Internet connectivity
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
System changes
The following could indicate that you have this threat on your PC:
- You have these files:
%windir%\assembly\nativeimages_v2.0.50727_32\temp\zapf.tmp\system.data.services.dllLast update 08 July 2014
