SecurityHome.eu Trojan:MSIL/Upadter.A

Home / malware PDF

Trojan:MSIL/Upadter.A

First posted on 25 January 2017.
Source: Microsoft
Aliases :
There are no other names known for Trojan:MSIL/Upadter.A.
Explanation :
This threat may be downloaded by TrojanDownloader:O97M/Donoff.

When executed, it drops the following file:

%APPDATA%\roaming\java\javaupdtr.exe

It changes the following registry entry so that it runs each time you start your PC:

In subkey: HKU\Administrator\Software\Microsoft\Windows NT\CurrentVersion\Windows
Sets value: "Load"
With data: "%APPDATA%\roaming\java\javaupdtr.exe"

It logs keystrokes and monitors browsing activities in order to steal credentials to the following:

Email

Online banking sites

Online games

Social networking sites

Analysis by Ferdinand Plazo
Last update 25 January 2017

TOP

Malware :

RATDispenser
Raspberry Robin
ObliqueRAT
DoppelPaymer
Dridex

Last 20

Family:

Trojan:MSIL/Upadter.A