Home / malware TrojanDropper:Win32/VB.DY
First posted on 28 February 2012.
Source: MicrosoftAliases :
TrojanDropper:Win32/VB.DY is also known as Downloader/Win32.VB (AhnLab), W32/Downldr2.FMJO (Command), Trojan.VBGent.Gen.23 (VirusBuster), Trojan horse Downloader.VB.BSN (AVG), BDS/Shocki.5463 (Avira), Trojan.DownLoad.30065 (Dr.Web), Win32/VB.NVX trojan (ESET), Net-Worm.Win32.Kolab (Ikarus), Trojan.Win32.VB.klp (Kaspersky), WORM_VB.PUL (Trend Micro).
Explanation :
TrojanDropper:Win32/VB.DY is a trojan written in Visual Basic (VB), that embeds other malicious components by encrypting them inside its code. Its objective is to hide the embedded malicious component and avoid its detection and removal by antivirus solutions.
Top
TrojanDropper:Win32/VB.DY is a trojan written in Visual Basic (VB), that embeds other malicious components by encrypting them inside its code. Its objective is to hide the embedded malicious component and avoid its detection and removal by antivirus solutions.
In the wild, we have found variants of TrojanDropper:Win32/VB.DY that drop and install the following malware:
- TrojanDownloader:Win32/Harnig.gen!P
- Worm:Win32/Autorun.gen!inf
- Worm:Win32/Hamweq!inf
- Worm:Win32/Hamweq.A
Analysis by Jireh Sanico
Last update 28 February 2012
