SecurityHome.eu Trojan:W32/Sacom.A

Home / malware PDF

Trojan:W32/Sacom.A

First posted on 23 January 2009.
Source: SecurityHome
Aliases :
There are no other names known for Trojan:W32/Sacom.A.
Explanation :
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.

right]This trojan attempts to contact the following domains:

jsactivity.com

bfkq.com

http://cnwebmastersblog.com/xabc/2.0/

http://74.54.89.66/p0821/2.0/

http://74.54.201.210/p0821/2.0/

http://174.133.147.18/p0821/2.0/

74.54.201.210

74.55.37.210

74.54.89.66

174.133.126.2

The trojan is most probably attempting to download additional malware, or act as a silent advertisement clicker.

Registry

The trojan adds the following values to the registry.

HKLM

HKLMSOFTWAREMicrosoftWBEM

These registry valued are encoded characters.
Last update 23 January 2009

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:W32/Qhost.JE
Trojan-Downloader:HTML/Agent.DY
Trojan.Cidox!kmem
Trojan.Ransomlock!g75
Trojan.Klovbot!gen2
Trojan.Poweliks!gm
Trojan.Shylock!gen9
Trojan-Dropper:W32/Agent.CMW
Trojan-Downloader:W32/Agent.TPF
Trojan:SymbOS/Bootton.I