Home / malware TrojanDropper:BAT/Startpage.A
First posted on 24 June 2019.
Source: MicrosoftAliases :
TrojanDropper:BAT/Startpage.A is also known as Trojan.BAT.StartPage.ie, VBS/StartPage.6910, Trojan-Dropper.BAT.Startpage, Trojan.Script.BAT.StartPage.ee.
Explanation :
TrojanDropper:BAT/Startpage.A is the detection for a batch file that attempts to delete all files with .LNK and .URL extensions from the following folders: %USERPROFILE% %USERPROFILE%Application DataMicrosoftInternet ExplorerQuick Launch C:Documents and SettingsAll Users It may be present in the file as:
.bat For example, 3.bat TrojanDropper:BAT/Startpage.A may also try to clear the Internet Explorer home page by deleting the value in the registry key: HKCRCLSID{871C5380-42A0-1069-A2EA-08002B30309D}shellOpenHomePageCommand It may then set the Internet Explorer home page to an arbitrary site. In the wild, TrojanDropper:BAT/Startpage.A has been observed to connect to the following: 365510.com 936dh.com Note that the detection may trigger for an executable file that contains the batch file. Analysis by Andrei Florin Saygo Last update 24 June 2019
