SecurityHome.eu Trojan-Downloader:W32/Exchanger

Home / malware PDF

Trojan-Downloader:W32/Exchanger

First posted on 01 September 2008.
Source: SecurityHome
Aliases :
There are no other names known for Trojan-Downloader:W32/Exchanger.
Explanation :
Trojan-Downloader:W32/Exchanger variants download additional malicious software onto the infected system.

right]Once the trojan is executed it copies itself into the "system32" folder and starts itself from there as a service.

The trojan also creates Windows registry entries to ensure that it is started every time the computer is started.

Once running, Exchanger variants will attempt to contact a remote server in order to relay information about the infected machine. The server will reply with a list of URLs that point to malicious files to be downloaded.
Last update 01 September 2008

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:W32/Qhost.JE
Trojan-Downloader:HTML/Agent.DY
Trojan-Downloader:HTML/Agent.DY
Trojan.Cidox!kmem
Trojan.Ransomlock!g75
Trojan.Klovbot!gen2
Trojan.Poweliks!gm
Trojan.Shylock!gen9
Trojan-Dropper:W32/Agent.CMW
Trojan-Downloader:W32/Agent.TPF