SecurityHome.eu Trojan:Win32/Miuref.A

Home / malware PDF

Trojan:Win32/Miuref.A

First posted on 24 December 2013.
Source: Microsoft
Aliases :
There are no other names known for Trojan:Win32/Miuref.A.
Explanation :
Threat behavior Trojan:Win32/Miuref.A is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.

Installation

Trojan:Win32/Miuref.A creates the following files on your computer:

c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\preferences

c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\background.js

c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\content.js

c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\manifest.json

c:\documents and settings\administrator\local settings\application data\microsoft\internet explorer\services\search_{0633ee93-d776-472f-a0ff-e1416b8b2e3a}.ico

c:\documents and settings\administrator\local settings\temp\data.dat

c:\documents and settings\administrator\local settings\temp\gtkqavlz.exe - detected as Trojan:Win32/Miuref.A

c:\documents and settings\administrator\local settings\temp\setup.dat

Payload

Contacts remote hosts
Trojan:Win32/Miuref.A may contact the following remote hosts using port 80:

185.6.80.139
www.live.com

Commonly, malware may contact a remote host for the following purposes:

To confirm Internet connectivity

To report a new infection to its author

To receive configuration or other data

To download and execute arbitrary files (including updates or additional malware)

To receive instruction from a remote attacker

To upload data taken from the affected computer

This malware description was produced and published using our automated analysis system's examination of file SHA1 472e5fcc7dc1228779e7c0c06f6c1c584e527059.Symptoms

System changes

The following could indicate that you have this threat on your PC:

The presence of the following files:

c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\preferences
c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\background.js
c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\content.js
c:\documents and settings\administrator\local settings\application data\google\chrome\user data\default\mcghndocmfmaaekogkfghfpbjjbohcnf\2.0.3\manifest.json
c:\documents and settings\administrator\local settings\application data\microsoft\internet explorer\services\search_{0633ee93-d776-472f-a0ff-e1416b8b2e3a}.ico
c:\documents and settings\administrator\local settings\temp\data.dat
c:\documents and settings\administrator\local settings\temp\gtkqavlz.exe
c:\documents and settings\administrator\local settings\temp\setup.dat
Last update 24 December 2013

TOP

Malware :

Last 20

Trojan:Win32/Miuref.A

Aliases :

Explanation :

Malware :

Family: