Home / malware Trojan:Win32/Bocinex.gen!A
First posted on 27 March 2012.
Source: MicrosoftAliases :
Trojan:Win32/Bocinex.gen!A is also known as TR/Offend.kdv.548758 (Avira), Trojan.Win32.BitMin (Ikarus), Trojan.Win32.BitMin.a (Kaspersky), Troj/DwnLdr-JSW (Sophos), TROJ_DLOADER.VTG (Trend Micro).
Explanation :
Trojan:Win32/Bocinex.gen!A is a bundled installer that executes Program:Win32/CoinMiner.
Top
Trojan:Win32/Bocinex.gen!A is a bundled installer that executes Program:Win32/CoinMiner.
It may have the file name "winlogons.exe".
It attributes newly generated bitcoins to the attacker's account with the following parameters:
<Program:Win32/CoinMiner executable file>-a 60 -g yes -o <URL> -u <attacker user name> -p <attacker password>
Analysis by Alden Pornasdoro
Last update 27 March 2012