SecurityHome.eu TrojanDownloader:JS/Banload

Home / malware PDF

TrojanDownloader:JS/Banload

First posted on 02 October 2019.
Source: Microsoft
Aliases :
There are no other names known for TrojanDownloader:JS/Banload.
Explanation :
This is a generic detection name for JavaScript malware that download and execute variants of or .TrojanDownloader:Win32/BanloadTrojanSpy:Win32/Banker

This threat may arrive in .zip attachments to email messages. The email messages are usually in Portuguese and pretend to carry important or banking-related documents to lure users into opening the attachment.

The following is a sample malicious email message carrying this thread:

The attachment file names often contain Portuguese terms like the following:

Analysis by Jeong Mun

Boleto (Brazilian invoice for payment) Comprovante (Receipt) Debitos (Debit) Formulario (Form) NotaFiscal (Fiscal note) Oficio (Official letter) Planilha (Spreadsheet)
Last update 02 October 2019

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20