
Trojan.Delf.Inject.BK


First posted on 21 November 2011.
Source: BitDefender

Aliases :

Trojan.Delf.Inject.BK is also known as (KAV.

Explanation :

When executed, it creates a copy of itself in "%system% ray.exe" and registers this copy to run at system startup:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] MicrosoftNAPC
[HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] MicrosoftCorp

When launched, this copy tries to connect to the IRC server warraca.elcrazyfrog.com. It can download and execute a file (most probably malware) specified by the server. It also searches for sensitive data in browser-related files such as profiles.ini and signons.txt.
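A defender-side check for the two startup entries named above, as an added example that is not part of the original BitDefender description: it parses the text output of `reg query` and flags the value names MicrosoftNAPC and MicrosoftCorp under the listed HKLM keys. The sample output, its file paths and the function name `find_persistence` are constructed for illustration.

```python
import re

# Persistence indicators from the description above: (key path below HKLM, value name),
# lower-cased because registry key and value names are case-insensitive.
INDICATORS = {
    (r"software\microsoft\windows\currentversion\run", "microsoftnapc"),
    (r"software\microsoft\windows\currentversion\policies\explorer\run", "microsoftcorp"),
}

# `reg query` prints each value as: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
HIVE_RE = re.compile(r"^(?:HKEY_LOCAL_MACHINE|HKLM)\\(?P<path>.+)$", re.IGNORECASE)

# Constructed sample of `reg query` output; the file paths are placeholders.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    MicrosoftNAPC    REG_SZ    C:\WINDOWS\system32\placeholder.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    MicrosoftCorp    REG_SZ    C:\WINDOWS\system32\placeholder.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    MicrosoftNAPC    REG_SZ    C:\Users\a\tool.exe
"""

def find_persistence(reg_query_output):
    """Return (key, value name, data) for every value matching an indicator."""
    hits = []
    key_path = None  # current HKLM key, or None while inside another hive
    for line in reg_query_output.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():  # unindented line starts a new key section
            m = HIVE_RE.match(line.strip())
            key_path = m.group("path").lower() if m else None
            continue
        m = VALUE_RE.match(line)
        if m and key_path and (key_path, m.group("name").lower()) in INDICATORS:
            hits.append((key_path, m.group("name"), m.group("data")))
    return hits

if __name__ == "__main__":
    for key, name, data in find_persistence(SAMPLE):
        print(f"HKLM\\{key} -> {name} = {data}")
```

The HKCU entry in the sample is not reported, because the description lists only the two HKLM keys.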

Last update 21 November 2011

 
