SecurityHome.eu TrojanSpy:Win32/Lurk

Home / malware PDF

TrojanSpy:Win32/Lurk

First posted on 10 February 2014.
Source: Microsoft
Aliases :
There are no other names known for TrojanSpy:Win32/Lurk.
Explanation :
Threat behavior

TrojanSpy:Win32/Lurk is installed by other malware, such as Exploit:SWF/CVE-2013-5330.A.

It is installed with a random file name in %TEMP%, for example, %TEMP%\218c.tmp. This file is usually deleted the next time your PC is rebooted.

The trojan tries to download a portable executable file from a remote server and injects it into a web browser process. We have seen it contact the following domain:

wxyz.mesjunio.com

Analysis by Chun Feng

Symptoms

Alerts from your security software may be the only symptom.

Last update 10 February 2014

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20