Home / malware

PDF

TrojanDownloader:Win32/Banaity.A

First posted on 31 October 2014.
Source: Microsoft

Aliases :

There are no other names known for TrojanDownloader:Win32/Banaity.A.

Explanation :

Threat behavior TrojanDownloader:Win32/Banaity.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer.

Installation

TrojanDownloader:Win32/Banaity.A creates the following files on your PC:

• %windir%\441x\4l7vf3.jpg
• %windir%\441x\84rn2.jpg
• %windir%\441x\qd2p0sghc.jpg
• %windir%\441x\tnie1r.jpg
• %windir%\441x\yyuqryfr.jpg

Payload

Contacts remote host

TrojanDownloader:Win32/Banaity.A might contact a remote host at 200.98.163.250 using port 80. Commonly, malware does this to:

• Report a new infection to its author
• Receive configuration or other data
• Download and run files, including updates or other malware
• Receive instructions from a remote hacker
• Upload data taken from your PC

This malware description was produced and published using automated analysis of file SHA1 a95b895f87e22f1f2e8750723550f60221ede346.Symptoms

System changes

The following could indicate that you have this threat on your PC:

• You have these files:
  
  %windir%\441x\4l7vf3.jpg
  %windir%\441x\84rn2.jpg
  %windir%\441x\qd2p0sghc.jpg
  %windir%\441x\tnie1r.jpg
  %windir%\441x\yyuqryfr.jpg

Last update 31 October 2014

 

TOP