Downloader.Ironhalo
First posted on 23 December 2015.
Source: Symantec
Aliases:
There are no other names known for Downloader.Ironhalo.
Explanation:
The Trojan may arrive on the compromised computer by way of malicious documents.
Once executed, the Trojan creates the following file:
%ProgramFiles%\Startup\AcroRd32Info.exe
The Trojan may then download and execute a file from the following compromised remote location:
www.kashiwa-js.com/syougyou/images/index.php
Last update 23 December 2015