Win32/TrojanDownloader.Banload [Threat Name] go to Threat

Win32/TrojanDownloader.Banload.QRD [Threat Variant Name]

Category trojan
Size 11264 B
Detection created Jan 27, 2012
Detection database version 6832
Aliases Downloader (Symantec)
Short description

Win32/TrojanDownloader.Banload.QRD is a trojan which tries to download other malware from the Internet. The file is run-time compressed using UPX .

Installation

The trojan does not create any copies of itself.

Other information

The trojan contains a list of (2) URLs.


It tries to download several files from the addresses.


These are stored in the following locations:

  • %system%\­GetDiskSerial.dll
  • %system%\­regss.exe
  • %system%\­cmd.bat

The files are then executed. The HTTP protocol is used.


The trojan replaces the following file by one downloaded from the Internet:

  • %system%\­drivers\­etc\­hosts

The following programs are terminated:

  • ctfmor.exe

Please enable Javascript to ensure correct displaying of this content and refresh this page.