Home / malware TrojanDownloader:Win32/Waledac.AK
First posted on 26 November 2013.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:Win32/Waledac.AK.
Explanation :
Threat behavior TrojanDownloader:Win32/Waledac.AK is a member of Win32/Waledac - a family of trojans that collects email addresses found on the computer on which it is installed and distributes spam email messages. Win32/Waledac may also try to contact different websites for posting data and downloading arbitrary executable files.
Installation
TrojanDownloader:Win32/Waledac.AK creates the following files on your computer:
- c:\documents and settings\administrator\local settings\temp\temp15114233.exe
Payload
Contacts remote host
TrojanDownloader:Win32/Waledac.AK may contact a remote host at 109.200.225.62 using port 80. Commonly, malware does this to:
- Report a new infection to its author
- Receive configuration or other data
- Download and run files, including updates or other malware
- Receive instruction from a remote hacker
- Upload data taken from your PC
This malware description was produced and published using our automated analysis system's examination of file SHA1 d859a90a4f6d0cd92796a845c0e2df2aad423f4b.Symptoms
System changes
The following could indicate that you have this threat on your PC:
c:\documents and settings\administrator\local settings\temp\temp15114233.exe
- The presence of the following files:
Last update 26 November 2013
