Win32/Miep [Threat Name] go to Threat

Win32/Miep.A [Threat Variant Name]

Category trojan
Size 31232 B
Aliases TrojanSpy:Win32/Lurk.E (Microsoft)
  Trojan.Filurkes (Symantec)
  Win32:Lurk-D (Avast)
Short description

Win32/Miep.A is a trojan which tries to download other malware from the Internet.


When executed, the trojan copies itself into the following location:

  • %temp%\­%variable%.tmp

A string with variable content is used instead of %variable% .

The following Registry entries are created:

  • [HKEY_CURRENT_USER\­Software\­Classes\­CLSID\­{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\­InProcServer32]
    • "(Default)" = "%temp%\­%variable%.tmp"
    • "ThreadingModel" = "Both"

The trojan can create and run a new thread with its own program code within the following processes:

  • iexplore.exe
  • firefox.exe

The trojan quits immediately if it detects certain security applications running.

Information stealing

Win32/Miep.A is a trojan that steals sensitive information.

The trojan collects the following information:

  • installed firewall application
  • antivirus software detected on the affected machine

The trojan attempts to send gathered information to a remote machine.

Other information

The trojan contains a list of (3) URLs.

It tries to download a file from the addresses.

The file is executed as a thread in the folowing process:

  • iexplore.exe

The HTTP protocol is used.

Please enable Javascript to ensure correct displaying of this content and refresh this page.