Home / malware TrojanDownloader:Win32/Karagany.A
First posted on 27 November 2010.
Source: SecurityHomeAliases :
TrojanDownloader:Win32/Karagany.A is also known as Trojan-Downloader.Win32.Agent.fcrw (Kaspersky).
Explanation :
TrojanDownloader:Win32/Karagany.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer.
Top
TrojanDownloader:Win32/Karagany.A is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer. Installation TrojanDownloader:Win32/Karagany.A creates the following files on an affected computer:
<current folder>\<malware file>.exe c:\documents and settings\administrator\application data\adobe\adobeupdate .exe c:\documents and settings\administrator\application data\adobe\plugs\kb196125.exe Payload Contacts remote hosts TrojanDownloader:Win32/Karagany.A may contact the following remote hosts using port 80:
adobe.com niceredirect.co.cc
Commonly, malware may contact a remote host for the following purposes:
- To confirm Internet connectivity
- To report a new infection to its author
- To receive configuration or other data
- To download and execute arbitrary files (including updates or additional malware)
- To receive instruction from a remote attacker
- To upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 033e7846346167693b5c7c7c70a9a32b5bb65477.Last update 27 November 2010
