Home / malwarePDF  

Trojan.Spadoluk


First posted on 17 February 2015.
Source: Symantec

Aliases :

There are no other names known for Trojan.Spadoluk.

Explanation :

The Trojan may be downloaded by the following malware:
Downloader.Upatre
Once executed, the Trojan creates the following file:
%Temp%\[RANDOM DIGITS].bat
The Trojan then connects to the following remote location on port 1025:
176.114.0.58
The Trojan then uses the Messaging Application Programming Interface to send emails from the compromised computer that contain the following malware as a malicious attachment:
Infostealer.Dyranges
The Trojan also has the ability to delete itself.

Last update 17 February 2015

 

TOP