SecurityHome.eu Trojan.Zlob.CKZ

Home / malware PDF

Trojan.Zlob.CKZ

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Zlob.CKZ is also known as Trojan-Downloader.Win32.Zlob.nwr Win32/TrojanDownloader.Zlo.
Explanation :
At execution the trojan access the following webpage:

http://69.50.164.54/this/[removed]/stereo/music.php,
using "internetsecurity" as UserAgent.

Then downloads and executes the file:

http://dl1.virusheat.com/downloads/[removed]/vrh_setup.exe

which installs a rogue antivirus and display fake security alerts or notifications
to trick user to buy the paid version of VirusHeat
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan.Html.Zlob.L
Zlob.obfuscated
Dropped:Trojan.Zlob.CND
Trojan.Zlob.2.Gen
Trojan.HTML.Zlob.D
Trojan.HTML.Zlob.AA
Trojan.JS.Zlob.A
Trojan.HTML.Zlob.W
Trojan.Zlob.CKZ
Trojan.HTML.Zlob.AE