Win32/TrojanDownloader.Nymaim [Threat Name] go to Threat

Win32/TrojanDownloader.Nymaim.AY [Threat Variant Name]

Category trojan
Size 143360 B
Detection created Apr 15, 2015
Detection database version 11481
Aliases Ransom:Win32/Nymaim.F (Microsoft)
Short description

Win32/TrojanDownloader.Nymaim.AY is a trojan which tries to download other malware from the Internet.

Installation

The trojan does not create any copies of itself.


Information stealing

The trojan collects the following information:

  • user name
  • computer name
  • list of running processes

The trojan attempts to send gathered information to a remote machine.

Other information

The trojan contains a URL address.


It tries to download a file from the address.


The file is stored in the following location:

  • %commonappdata%\­%variable1%.exe

The file is then executed. The HTTP protocol is used.


The trojan may create the following files:

  • %windir%\­%variable2%

A string with variable content is used instead of %variable1-2% .

Please enable Javascript to ensure correct displaying of this content and refresh this page.