Win32/TrojanDownloader.ConHook [Threat Name] go to Threat

Win32/TrojanDownloader.ConHook.NAN [Threat Variant Name]

Category trojan
Size 180224 B
Detection created Aug 17, 2012
Detection database version 7395
Aliases Trojan-Dropper.Win32.Agent.rxv (Kaspersky)
  Downloader-BTF.trojan (McAfee)
  Trojan:Win32/Conhook.B (Microsoft)
Short description

Win32/TrojanDownloader.ConHook.NAN is a trojan that installs Win32/TrojanDownloader.ConHook.NAM malware.

Installation

When executed, the trojan creates the following files:

  • %temp%\­Installer.exe (27205 B, Win32/TrojanDownloader.ConHook.NAM)
  • %temp%\­The_Bat.exe (57703 B)

The files are then executed.

Other information

The following Registry entries are created:

  • [HKEY_CURRENT_USER\­Software\­Microsoft\­MS_Aff_101]
  • [HKEY_LOCAL_MACHINE\­Software\­Microsoft\­DInf]
    • "1" = %variable%
  • [HKEY_CURRENT_USER\­Software\­Microsoft\­DInf] <- if previous key cannot be created
    • "1" = %variable%

A string with variable content is used instead of %variable% .

Please enable Javascript to ensure correct displaying of this content and refresh this page.