Win32/TaojinStar [Threat Name]

Win32/TaojinStar.I [Threat Variant Name]

Category trojan
Size 696329 B
Detection created Mar 23, 2015
Detection database version 11364
Aliases TrojanSpy:Trojan:Win32/Dynamer!ac (Microsoft)
  Trojan.Asprox.B (Symantec)
Short description

Win32/TaojinStar.I is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.

Information stealing

Win32/TaojinStar.I is a trojan that steals sensitive information.


The following information is collected:

  • keywords entered into search engines

The following services are affected:

  • bing.com
  • baidu.com
  • soso.com
  • sogou.com
  • google

The following programs are affected:

  • Internet Explorer

The trojan attempts to send gathered information to a remote machine.


The trojan contains a list of 2 URLs. The HTTP protocol is used.

Other information

The trojan injects HTML code into web pages visited by the user.


The trojan displays dialogs within the Internet browser with various advertisements.


The trojan opens the following URLs:

  • http://www.ak%removed%i.com
