Win32/Agent.QMF [Threat Name] go to Threat

Win32/Agent.QMF [Threat Variant Name]

Category trojan
Size 54272 B
Detection created Dec 10, 2009
Detection database version 10143
Aliases Trojan.Win32.Yakes.flvc (Kaspersky)
Short description

Win32/Agent.QMF is a trojan which tries to download other malware from the Internet.


When executed, the trojan copies itself into the following location:

  • %currentfolder%\­%variable%.tmp

A string with variable content is used instead of %variable% .

The file is then executed.

After the installation is complete, the trojan deletes the original executable file.

Other information

The trojan acquires data and commands from a remote computer or the Internet.

The network communication with remote computer/server is encrypted.

The trojan contains a list of (3) URLs. The HTTP protocol is used in the communication.

It tries to download a file from the addresses.

After decryption the data is saved in the following files:

  • %currentfolder%\­%variable%.tmp

The files are then executed.

A string with variable content is used instead of %variable% .

Please enable Javascript to ensure correct displaying of this content and refresh this page.