Win32/Agent.UTV [Threat Name] go to Threat

Win32/Agent.UTV [Threat Variant Name]

Category trojan
Size 76800 B
Aliases Trojan.Win32.Yakes.dhpp (Kaspersky)
Short description

Win32/Agent.UTV is a trojan which tries to download other malware from the Internet. The trojan is usually a part of other malware.

Installation

The trojan does not create any copies of itself.


The trojan creates and runs a new thread with its own program code within the following processes:

  • svchost.exe
  • csrss.exe
  • lsass.exe
  • explorer.exe
Other information

The trojan tries to download a file from the Internet. The HTTP protocol is used in the communication.


The downloaded files contain encrypted executables.


The file is executed as a thread in the folowing process:

  • explorer.exe

The trojan keeps various information in the following Registry key:

  • [HKEY_USERS\­%usersid%\­SOFTWARE\­Classes\­CLSID\­{%variable%}]

A string with variable content is used instead of %variable% .

Please enable Javascript to ensure correct displaying of this content and refresh this page.