Home / malware TrojanDownloader:Win32/Kraddare.E
First posted on 07 October 2013.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Kraddare.E.
Explanation :
Threat behavior
Installation
TrojanDownloader:Win32/Kraddare.E creates the following files on your PC:
- <current folder>\$$336699.bat
- c:\documents and settings\all users\documents\rundownplay_setup_10.exe
Payload
Contacts remote host
TrojanDownloader:Win32/Kraddare.E may contact a remote host at update.rundownplay.com using port 80. Commonly, malware contacts a remote host for the following purposes:This malware description was produced and published using our automated analysis system's examination of file SHA1 f0af1721095cbac93bc374f33b88d2e6ab87aed0.Symptoms
- To report a new infection to its author
- To receive configuration or other data
- To download and execute arbitrary files (including updates or additional malware)
- To receive instruction from a remote attacker
- To upload data taken from the affected computer
System changes
The following system changes may indicate the presence of this malware:
- The presence of the following files:
<current folder>\$$336699.bat
c:\documents and settings\all users\documents\rundownplay_setup_10.exeLast update 07 October 2013
