Home / malware Trojan.Downloader.Istbar.NN
First posted on 21 November 2011.
Source: BitDefenderAliases :
Trojan.Downloader.Istbar.NN is also known as Trojan-Downloader.Win32.IstBar.nj, Win32/Istbar.BN!Trojan, W32/Istbar.NJ!dldr.
Explanation :
This malware is an online installer created with NullSoft Installer.
Upon execution it announces the user that it will install a toolbar for "Internet Explorer" but no "Cancel" option is present, only one "Agree" button. If pressed, an executable file from http://www.ysbweb.com/ist/softwares/[removed] will be downloaded, saved as "gkey.dll" in the temporary folder, and executed as an ".exe".
In fact, the downloaded file could be either a toolbar, another trojan downloader or even other malware.Last update 21 November 2011
