Win32/TrojanDownloader.Delf.RTD [Threat Name] go to Threat

Win32/TrojanDownloader.Delf.RTD [Threat Variant Name]

Category trojan
Size 23552 B
Detection created Apr 01, 2013
Detection database version 8182
Aliases Trojan-Ransom.Win32.Blocker.axoi (Kaspersky)
  Trojan.Pigmail.19 (Dr.Web)
  Downloader (Symantec)
Short description

Win32/TrojanDownloader.Delf.RTD is a trojan which tries to download other malware from the Internet.

Installation

When executed, the trojan copies itself into the following location:

  • C:\­WINDOWS\­explorer.com

The following Registry entry is set:

  • [HKEY_CURRENT_USER\­Software\­Microsoft\­Windows NT\­CurrentVersion\­Winlogon]
    • "Shell" = "explorer.com"

This causes the trojan to be executed on every system start.

Other information

The trojan acquires data and commands from a remote computer or the Internet.


The trojan contains a URL address. The HTTP protocol is used.


It can execute the following operations:

  • download files from a remote computer and/or the Internet
  • create folders
  • run executable files

Please enable Javascript to ensure correct displaying of this content and refresh this page.