Win32/Minzen [Threat Name]
Win32/Minzen.D [Threat Variant Name]
|Detection created|Mar 03, 2017|
|Signature database version|15029|
The trojan serves as a backdoor. It can be controlled remotely.
The trojan does not create any copies of itself.
The trojan acquires data and commands from a remote computer or the Internet.
The trojan contains a list of 2 URLs. It communicates with them over the HTTP protocol.
It can execute the following operations:
- download files from a remote computer and/or the Internet
- run executable files
- execute shell commands
- uninstall itself
The trojan may create the following files:
A string with variable content is used instead of %variable%.
The trojan may delete the following Registry entries: