Home / malware TrojanDropper:Win32/Cucirk.B
First posted on 22 February 2012.
Source: MicrosoftAliases :
There are no other names known for TrojanDropper:Win32/Cucirk.B.
Explanation :
TrojanDropper:Win32/Cucirk.B is a trojan that drops another malware, which is detected as Backdoor:Win32/Cucirk.A.
Top
TrojanDropper:Win32/Cucirk.B is a trojan that drops another malware, which is detected as Backdoor:Win32/Cucirk.A.
It drops the following file, which is detected as Backdoor:Win32/Cucirk.A:
%AppData%\recycler.dll
It also drops the following file, which links back to the dropped DLL malware; its location ensures that the DLL file automatically runs at each Windows start:
<startup folder>\windows security center.exe
Note: <startup folder> refers to a variable location that is determined by the malware by querying the operating system. The default installation location for the Startup folder for Windows 9x, Me, NT, 2000, XP and 2003 is '%USERPROFILE%\Start Menu\Programs\Startup'. For Windows Vista and 7, the default location is '%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup'.
Analysis by Patrick Estavillo
Last update 22 February 2012
