Win32/Rozena [Threat Name] go to Threat
Win32/Rozena.SG [Threat Variant Name]
| Category | trojan |
| Size | 14848 B |
| Detection created | Jun 26, 2016 |
| Signature database version | 13710 |
| Aliases | Trojan.Win32.Agent.ijoz (Kaspersky) |
| Trojan:Win32/Tiouice.A (Microsoft) | |
| Win32:Malware-gen (Avast) | |
| Crypt5.CANA.trojan (AVG) | |
| TR/Crypt.XPACK.Gen (Avira) | |
| Variant.Graftor.303737 (BitDefender) | |
| GenericRXAO-VJ!E34E5A0259A9.trojan (McAfee) | |
| Trojan.Gen.2 (Symantec) |
Short description
Win32/Rozena.SG is a trojan which tries to download other malware from the Internet. The trojan is usually a part of other malware.
Installation
The trojan does not create any copies of itself.
The trojan executes the following files:
- %windir%\System32\rundll32.exe
The trojan creates and runs a new thread with its own code within these running processes.
Other information
The trojan contains a URL address.
It tries to download and execute the other part of the infiltration from the address.
The HTTP protocol is used in the communication.