Win32/Glupteba [Threat Name] go to Threat

Win32/Glupteba.AF [Threat Variant Name]

Category trojan
Size 95065 B
Detection created Jan 28, 2014
Detection database version 10014
Aliases Trojan-Ransom.NSIS.Onion.ovg (Kaspersky)
  Trojan:Win32/Carberp.I (Microsoft)
Short description

The trojan serves as a proxy server.

Installation

The trojan does not create any copies of itself.


The trojan creates the following files:

  • %appdata%\­HodmanAnemone.a (2029 B)
  • %appdata%\­Flotsam.XRu (50566 B)
  • %appdata%\­Blowfish.dll (49152 B, Win32/Injector.CYBS)

The trojan executes the following files:

  • %malwarefilepath%

The trojan creates and runs a new thread with its own code within these running processes.

Other information

The trojan acquires data and commands from a remote computer or the Internet.


The trojan contains a list of (300) URLs. The HTTP, TCP protocol is used in the communication.


The trojan serves as a proxy server.


Please enable Javascript to ensure correct displaying of this content and refresh this page.