Win32/Pastraw [Threat Name] go to Threat

Win32/Pastraw.G [Threat Variant Name]

Category trojan
Size 577536 B
Detection created Aug 05, 2015
Detection database version 12046
Aliases Trojan:Win32/Skeeyah.A!bit (Microsoft)
  TR/Pastraw.577536 (Avira)
  Atros.CNMU (AVG)
Short description

The trojan is designed to artificially generate traffic to certain Internet sites. It can be controlled remotely.

Installation

The trojan does not create any copies of itself.


The trojan is usually a part of other malware.


The trojan will attempt to download several files from the Internet.


Configuration is stored in the following file:

  • %malwarefolder%\­wconfig.dat

The files are stored in the following locations:

  • %malwarefolder%\­hrana.pem
  • %malwarefolder%\­vrea.pem

The following files are dropped into the current folder:

  • googleresp.html
  • googlelinks.html
  • googleextresp1.html
  • googleextresp2.html
  • _gforms.html
Other information

The trojan acquires data and commands from a remote computer or the Internet.


The trojan contains a list of URLs.


The trojan can send the information to a remote machine.


The trojan is designed to artificially generate traffic to certain Internet sites. The HTTPS protocol is used in the communication.


The trojan attempts to send gathered information to a remote machine.

Please enable Javascript to ensure correct displaying of this content and refresh this page.