OSX/Spy.Hapus [Threat Name] go to Threat

OSX/Spy.Hapus.A [Threat Variant Name]

Category trojan
Detection created Aug 08, 2014
Detection database version 10225
Short description

OSX/Spy.Hapus.A is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.

Information stealing

The following information is collected:

  • computer name
  • user name

The collected information is stored in the following file:

  • %home%/id.txt

The trojan searches for files with the following file extensions:

  • .jpg
  • .jpeg
  • .avi
  • .mpg
  • .mpeg
  • .3gp
  • .mov
  • .mp4
  • .txt

Using HTTP protocol, the trojan connects to the following addresses:

  • http://queesta%removed%.com.mx/ynmd.php

The trojan attempts to send the found files to a remote machine.

Other information

The trojan may create the following files:

  • %home%/exceptions.log
  • %home%/pxsnd32.so

Please enable Javascript to ensure correct displaying of this content and refresh this page.