SecurityHome.eu TrojanDownloader:BAT/Locky.A

Home / malware PDF

TrojanDownloader:BAT/Locky.A

First posted on 24 February 2016.
Source: Microsoft
Aliases :
There are no other names known for TrojanDownloader:BAT/Locky.A.
Explanation :
This threat downloads other malware, such as Ransom:Win32/Locky.A. You can read more on our ransomware page.

Installation

We have seen this threat being downloaded by TrojanDownloader:O97M/Adnel as the following:

lah.bat

Payload

Downloads and runs malware

When the malware runs, it download a malicious file as:

2.exe

From:

hxxp://lasmak.pl/

This file is then installed as:

%TEMP% \fail.exe - detected as Ransom:Win32/Locky.A

Analysis by Marianne Mallen
Last update 24 February 2016

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

TrojanDownloader:BAT/Locky.A