Trojan:Win32/Congrim.gen!A
First posted on 23 May 2012.
Source: Microsoft
Aliases:
Trojan:Win32/Congrim.gen!A is also known as TR/Crypt.XPACK.Gen (Avira), Gen:Variant.Barys.2134 (BitDefender).
Explanation:
Trojan:Win32/Congrim.gen!A is a generic detection for malware that attempts to communicate with a command and control (C&C) server and receive further commands that could instruct the malware to perform other actions.
Payload
Communicates with a remote server
This trojan attempts to connect to a C&C server named "software.trickip.net" using TCP port 443. In computer environments where a proxy is used, the trojan searches for proxy credentials via Internet Explorer's Protected Storage in order to access the C&C server.
The trojan creates a command shell to receive instructions from, and to send results back to, the C&C server. Using the remote shell connection, an attacker could upload files to and download files from your computer.
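A defensive check for the network indicator described above, as an added example that is not part of Microsoft's write-up: it scans proxy access logs for attempts to reach the named C&C host on TCP port 443, including attempts the proxy denied for missing credentials. The Squid-style log layout, the sample lines and the function names are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

C2_HOST = "software.trickip.net"  # C&C name given in the write-up
C2_PORT = 443                     # TCP port given in the write-up
DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed sample lines; assumed Squid-style layout:
# time elapsed client result/status bytes method target user peer type
SAMPLE_LOG = """\
1337760001.120 5021 10.0.4.17 TCP_TUNNEL/200 3912 CONNECT software.trickip.net:443 jdoe HIER_DIRECT/- -
1337760003.450 88 10.0.4.22 TCP_MISS/200 1520 GET http://example.com/index.html - HIER_DIRECT/- text/html
1337760010.008 4999 10.0.4.17 TCP_TUNNEL/200 2048 CONNECT SOFTWARE.TRICKIP.NET.:443 jdoe HIER_DIRECT/- -
1337760012.300 120 10.0.4.31 TCP_TUNNEL/200 900 CONNECT notsoftware.trickip.net.example.org:443 - HIER_DIRECT/- -
1337760015.777 300 10.0.4.40 TCP_DENIED/407 0 CONNECT software.trickip.net:443 - HIER_NONE/- -
"""

def target_endpoint(method, target):
    """Return (host, port) for a CONNECT 'host:port' target or a full URL."""
    url = urlsplit("//" + target if method == "CONNECT" else target)
    try:
        port = url.port or DEFAULT_PORTS.get(url.scheme)
    except ValueError:  # malformed port field
        port = None
    # urlsplit lowercases the hostname; drop the trailing dot of an FQDN.
    host = (url.hostname or "").rstrip(".")
    return host, port

def find_c2_clients(log_text):
    """Map client IP -> list of (timestamp, proxy result) for C&C attempts."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue  # skip blank or truncated lines
        ts, _, client, result, _, method, target = fields[:7]
        # Exact host match: a substring test would also flag look-alike names.
        if target_endpoint(method, target) == (C2_HOST, C2_PORT):
            hits[client].append((ts, result))
    return dict(hits)

if __name__ == "__main__":
    for client, events in find_c2_clients(SAMPLE_LOG).items():
        print(client, events)
```

A denied (407) attempt is reported as well, since a client that tried to reach the host still needs investigation even though the proxy blocked the tunnel.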
Analysis by Vincent Tiu
Last update 23 May 2012