Home / malwarePDF  

Trojan.Ascesso.C


First posted on 05 August 2014.
Source: Symantec

Aliases :

There are no other names known for Trojan.Ascesso.C.

Explanation :

The Trojan may arrive through spam emails or may be dropped by the Nuclear Exploit Kit.

When the Trojan is executed, it creates the following files:
C:\Documents and Settings\[USER NAME]\[RANDOM NAME].exe%Temp%\[RANDOM NUMBER][RANDOM NUMBER][RANDOM NUMBER][RANDOM NUMBER].bat
The Trojan creates the following registry entry so that it runs every time Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"MSConfig" = "C:\Documents and Settings\[USER NAME]\[RANDOM NAME].exe"

The Trojan may perform the following actions:
Inject malicious code into the svchost.exe process to hide itself on the compromised computerConnect to 123.45.67.89 to download additional files or updatesSend spam emails

Last update 05 August 2014

 

TOP

Malware :

Family: