Win32/TrojanDownloader.Delf.RTD [Threat Name] go to Threat

Win32/TrojanDownloader.Delf.RTD [Threat Variant Name]

Category trojan
Size 23552 B
Detection created Apr 01, 2013
Detection database version 8182
Aliases Trojan-Ransom.Win32.Blocker.axoi (Kaspersky)
  Trojan.Pigmail.19 (Dr.Web)
  Downloader (Symantec)
Short description

Win32/TrojanDownloader.Delf.RTD is a trojan which tries to download other malware from the Internet.


When executed, the trojan copies itself into the following location:

  • C:\­WINDOWS\­

The following Registry entry is set:

  • [HKEY_CURRENT_USER\­Software\­Microsoft\­Windows NT\­CurrentVersion\­Winlogon]
    • "Shell" = ""

This causes the trojan to be executed on every system start.

Other information

The trojan acquires data and commands from a remote computer or the Internet.

The trojan contains a URL address. The HTTP protocol is used.

It can execute the following operations:

  • download files from a remote computer and/or the Internet
  • create folders
  • run executable files

Please enable Javascript to ensure correct displaying of this content and refresh this page.