Win32/Vnfraye [Threat Name] go to Threat

Win32/Vnfraye.C [Threat Variant Name]

Category trojan
Size 41472 B
Detection created May 23, 2014
Detection database version 9839
Aliases Trojan.Win32.Agent.ooqf (Kaspersky)
  Trojan:Win32/Dusvext.B (Microsoft)
  Win32:Dusvext-O (Avast)
Short description

The trojan serves as a backdoor. It can be controlled remotely.

Installation

The trojan does not create any copies of itself.

Information stealing

The trojan collects various information related to the operating system.


The trojan collects the following information:

  • hardware information
  • computer IP address
  • user name
  • computer name
  • locale

The trojan attempts to send gathered information to a remote machine.

Other information

The trojan serves as a backdoor. It can be controlled remotely.


The trojan acquires data and commands from a remote computer or the Internet.


The trojan contains a list of (3) URLs. The HTTP protocol is used.


It may perform the following actions:

  • download files from a remote computer and/or the Internet
  • run executable files
  • log keystrokes
  • perform DoS/DDoS attacks
  • send the list of running processes to a remote computer
  • send files to a remote computer
  • show fake alerts
  • remove itself from the infected computer
  • update itself to a newer version
  • execute shell commands
  • visit a specific website
  • send gathered information

The trojan may create the following files:

  • %temp%\­tmp.exe
  • %temp%\­vnlogs.log

Please enable Javascript to ensure correct displaying of this content and refresh this page.