Win32/DataStealer [Threat Name] go to Threat

Win32/DataStealer.L [Threat Variant Name]

Category trojan
Size 263680 B
Detection created Jun 20, 2013
Detection database version 8470
Aliases Trojan.Touch.497 (Dr.Web)
  Downloader (Symantec)
  TrojanDownloader:Win32/Banload (Microsoft)
Short description

The trojan collects various sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.

Information stealing

The trojan searches local and removable drives for files with the following file extensions:

  • .jpg
  • .dat
  • .key

When the trojan finds a file matching the search criteria, it calculates its hash digest.


The trojan collects the following information:

  • user name
  • volume serial number

The trojan attempts to send gathered information to a remote machine.


The trojan contains a URL address. The HTTP protocol is used.

Please enable Javascript to ensure correct displaying of this content and refresh this page.