Win32/Injector.GXY [Threat Name] go to Threat

Win32/Injector.GXY [Threat Variant Name]

Category trojan
Size 27136 B
Detection created Jun 11, 2011
Detection database version 6198
Aliases Trojan.Win32.VBKrypt.dlka (Kaspersky)
  Troj/Dloadr-DIB (Sophos)
  Downloader (Symantec)
Short description

Win32/Injector.GXY is a trojan which tries to download other malware from the Internet.

Installation

The trojan does not create any copies of itself.

Other information

Win32/Injector.GXY is a trojan which tries to download other malware from the Internet.


The trojan contains an URL address.


It tries to download a file from the address. The HTTP protocol is used.


The file is stored in the following location:

  • %temp%\­%variable%.exe

The file is then executed.


A string with variable content is used instead of %variable% .


The trojan quits immediately if it is run within a debugger.


The trojan quits immediately if any of the following applications is detected:

  • Sandboxie

Please enable Javascript to ensure correct displaying of this content and refresh this page.