SecurityHome.eu Trojan-Downloader:W32/Agent.EYA

Home / malware PDF

Trojan-Downloader:W32/Agent.EYA

First posted on 20 August 2007.
Source: SecurityHome
Aliases :
Trojan-Downloader:W32/Agent.EYA is also known as Agent.EYA, Trojan-Downloader.Win32.Agent.ccd.
Explanation :
This Trojan-downloader obtains malware from several links and executes them into the infected system.

Upon execution, this Trojan downloads files from several links with the following format:

http://bl.fgs.org.tw/icons/.dat/[removed].exe

The files are saved in the Windows system directory with the following file names:

datta.exe - detected as Trojan-Spy.Win32.Banker.cxk
info1.exe - detected as Trojan-Spy.Win32.Banker.cxu
spoolsvw.exe - detected as Trojan-Spy.Win32.Banker.cxj
temp32.exe - detected as Trojan-Spy.Win32.Banker.cxu

The files are executed afterwards.

This malware is related to Trojan-Spy.Win32.Banker. A general description for the Trojan-Spy.Win32.Banker family can be found here.

Last update 20 August 2007

TOP

Trojan-Downloader:W32/Agent.EYA

Aliases :

Explanation :

Malware :

Family: