Home / malware Trojan:Win32/C2Lop.gen!G
First posted on 07 April 2009.
Source: SecurityHomeAliases :
Trojan:Win32/C2Lop.gen!G is also known as Also Known As:Mal/Swizzor-D (Sophos).
Explanation :
Trojan:Win32/C2Lop.gen!G is a generic detection for a member of the Trojan:Win32/C2Lop family of trojans. This family modifies web browser settings, adds browser bookmarks, and delivers pop-up advertisements.
Symptoms
There are no obvious symptoms that indicate the presence of this malware on an affected machine.
Trojan:Win32/C2Lop.gen!G is a generic detection for a member of the Trojan:Win32/C2Lop family of trojans. This family modifies web browser settings, adds browser bookmarks, and delivers pop-up advertisements.
Installation
Trojan:Win32/C2Lop.gen!G may arrive on a system as a file that is bundled with other software. When run, it launches Internet Explorer and injects its malicious code into the IE process.
Payload
Downloads and Executes Arbitrary Files
Win32/C2Lop.gen!G may connect to a remote web site to download and execute arbitrary files. The downloaded files are usually members of the TrojanDownloader:Win32/Swizzor family or other components of the Trojan:Win32/C2Lop family. Once the downloaded files are successfully installed, unwanted pop-ups and advertisements may be displayed on the system. For example, a specific sample of Win32/C2Lop.gen!G was observed attempting to connect to "ads.netbios-local.com" via TCP port 80 and download files.
Analysis by Jireh SanicoLast update 07 April 2009
