Home / malware Trojan:Win32/Recteok.A
First posted on 07 October 2014.
Source: MicrosoftAliases :
There are no other names known for Trojan:Win32/Recteok.A.
Explanation :
Threat behavior
Installation
Trojan:Win32/Recteok.A copies itself to c:\documents and settings\administrator\application data\microsoft\winword.exe.
Payload
Contacts remote hosts
Trojan:Win32/Recteok.A may contact the following remote hosts using port 80:
- www.burlarcaptcha.com
- www.filmesonlinegratis2014.com
- www.kb8ush6544521aew.com
Commonly, malware does this to:This malware description was produced and published using automated analysis of file SHA1 0f78e8cd600e1f6e658f64ac760521f2845fa196.Symptoms
- Confirm Internet connectivity
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instructions from a remote hacker
- Upload data taken from your PC
System changes
The following could indicate that you have this threat on your PC:
- You have these files:
c:\documents and settings\administrator\application data\microsoft\winwod.exeLast update 07 October 2014
