Trojan.Boscan


First posted on 14 March 2015.
Source: Symantec

Aliases:

There are no other names known for Trojan.Boscan.

Explanation:

Once executed, the Trojan may connect to one or more of the following remote locations:
[http://]www.qoog1e.com/sea_c1/file/i/[REMOVED]
[http://]78.46.220.106
[http://]210.56.51.129:8080/recv[REMOVED]
[http://]210.56.51.129:8080/lv.[REMOVED]
[http://]210.56.51.129:8080/plg[REMOVED]
[http://]210.56.51.129:8080/kl.[REMOVED]
The Trojan may then perform the following actions on the compromised computer:
Load additional JavaScript into web page
Enumerate installed software on the compromised computer
Log keystrokes
The Trojan may also gather the following information from the compromised computer and send it to the attacker using GET/POST requests:
User agent information
Referrer
Document title
Windows screen size
IP address
Operating system version
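
One way to search web proxy logs for requests to the remote locations listed above, as an added example that is not part of the original write-up. The log format and sample lines are constructed, and two matching choices are assumptions: "[REMOVED]" is treated as a path prefix, and an indicator without a port matches any port.

```python
from urllib.parse import urlsplit

# Indicators as listed on this page; "[REMOVED]" marks a truncated path.
PAGE_INDICATORS = [
    "[http://]www.qoog1e.com/sea_c1/file/i/[REMOVED]",
    "[http://]78.46.220.106",
    "[http://]210.56.51.129:8080/recv[REMOVED]",
    "[http://]210.56.51.129:8080/lv.[REMOVED]",
    "[http://]210.56.51.129:8080/plg[REMOVED]",
    "[http://]210.56.51.129:8080/kl.[REMOVED]",
]

# Constructed sample proxy log: timestamp, client, method, URL, status.
SAMPLE_LOG = """\
2015-03-14T10:02:11Z 10.0.0.5 GET http://www.example.com/index.html 200
2015-03-14T10:02:13Z 10.0.0.7 POST http://210.56.51.129:8080/recv_sample 200
2015-03-14T10:02:15Z 10.0.0.7 GET http://WWW.QOOG1E.COM/sea_c1/file/i/sample.js 200
2015-03-14T10:02:19Z 10.0.0.9 GET http://210.56.51.129:8080/about 404
2015-03-14T10:02:21Z 10.0.0.9 GET http://www.example.org/?ref=www.qoog1e.com 200
"""

def parse_indicator(text):
    """Refang an indicator into (host, port or None, path prefix)."""
    parts = urlsplit(text.replace("[http://]", "http://").replace("[REMOVED]", ""))
    return parts.hostname, parts.port, parts.path

RULES = [(i, parse_indicator(i)) for i in PAGE_INDICATORS]

def match_url(url):
    """Return the page indicator that a requested URL matches, or None."""
    try:
        parts = urlsplit(url)  # hostname is lower-cased by urlsplit
        port = parts.port or 80  # the page lists plain-HTTP locations
    except ValueError:  # malformed host or port in the log line
        return None
    for indicator, (r_host, r_port, r_prefix) in RULES:
        # Assumption: an indicator without a port matches any port.
        if parts.hostname == r_host and r_port in (None, port) and parts.path.startswith(r_prefix):
            return indicator
    return None

def scan(log_text):
    """Return (client, url, indicator) for every matching log line."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and (hit := match_url(fields[3])):
            hits.append((fields[1], fields[3], hit))
    return hits
```

Matching is done on the parsed host, port and path, so a listed domain that only appears inside another site's query string does not produce a hit.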

Last update 14 March 2015
