SecurityHome.eu TrojanDropper:Win32/Torug.A

Home / malware PDF

TrojanDropper:Win32/Torug.A

First posted on 23 August 2010.
Source: SecurityHome
Aliases :
There are no other names known for TrojanDropper:Win32/Torug.A.
Explanation :
TrojanDropper:Win32/Torug.A is a trojan that drops other malware.
Top

TrojanDropper:Win32/Torug.A is a trojan that drops the following files: %temp%\crtscp.exe - detected as Trojan:Win32/Torug.A %temp%\spoolsv.dll - detected as PWS:Win32/Torug.A; loaded by the first file ("crtscp.exe") As part of its malicious routine, TrojanDropper:Win32/Torug.A creates the following registry entry to allow one of its dropped file to automatically run when Windows starts: Adds value: "ControlAfx2" With data: "%temp%\crtscp.exe" To subkey: HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Analysis by Francis Allan Tan Seng
Last update 23 August 2010

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

TrojanDropper:Win32/Torug.A