Home / malware PWS:Win32/Hoardy
First posted on 18 November 2016.
Source: MicrosoftAliases :
There are no other names known for PWS:Win32/Hoardy.
Explanation :
Installation
This threat can create files on your PC, including:
- %TEMP%\csrssc.exe
It modifies the registry so that it runs each time you start your PC. For example:
In subkey: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Sets value: "infme"
With data: ""%TEMP%\wmiprvse.exe""
Payload
Steals your sensitive information
This threat can steal your sensitive information, such as your user names and passwords for:
- Email or social media websites
- Banking websites
- Online games
This malware description was published using automated analysis of file SHA1 64fcbd0e11d0f32b5362d0428c858ee09ca49aaa.Last update 18 November 2016
