Home / malware TrojanDownloader:BAT/Locky.A
First posted on 24 February 2016.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:BAT/Locky.A.
Explanation :
This threat downloads other malware, such as Ransom:Win32/Locky.A. You can read more on our ransomware page.
Installation
We have seen this threat being downloaded by TrojanDownloader:O97M/Adnel as the following:
- lah.bat
Payload
Downloads and runs malware
When the malware runs, it download a malicious file as:
- 2.exe
From:
- hxxp://lasmak.pl/
This file is then installed as:
- %TEMP% \fail.exe - detected as Ransom:Win32/Locky.A
Analysis by Marianne MallenLast update 24 February 2016
