Win32/Bableper [Threat Name] go to Threat

Win32/Bableper.A [Threat Variant Name]

Category trojan
Size 343552 B
Detection created Jul 24, 2011
Detection database version 6321
Aliases Trojan-Downloader.Win32.Tracker.a (Kaspersky)
  Trojan:Win32/Bumat!rts (Microsoft)
  Downloader.a!gw.trojan (McAfee)
Short description

Win32/Bableper.A is a trojan that spreads through the Gnutella network.

Installation

The trojan does not create any copies of itself.

Spreading via P2P networks

Win32/Bableper.A is a trojan that spreads through the Gnutella network.

Information stealing

The trojan collects the following information:

  • external IP address of network device
  • the IP address of the router in the local network
  • computer IP address

The trojan attempts to send gathered information to a remote machine.

Other information

The trojan acquires data and commands from a remote computer or the Internet.


The HTTP protocol is used. The trojan contains a list of (14) URLs.


It can execute the following operations:

  • monitor network traffic
  • modify network traffic

The trojan tries to download several files from the Internet.


The trojan uses techniques to entice users to download the Babylon Toolbar application.


The trojan opens some TCP, UDP ports:

  • 32854

Please enable Javascript to ensure correct displaying of this content and refresh this page.