Win32/Rustock [Threat Name] go to Threat

Win32/Rustock.NKU [Threat Variant Name]

Category trojan
Size 269824 B
Aliases Backdoor.Win32.NewRest.bc (Kaspersky)
  TrojanDropper:Win32/Rustock.J (Microsoft)
  Win32:Neredr (Avast)
Short description

Win32/Rustock.NKU is a trojan that installs Win32/Rustock.NIH malware.

Installation

The trojan does not create any copies of itself.


The trojan may create the following files:

  • %system%\­drivers\­beep.sys (92032 B, Win32/Rustock.NIH)
  • %system%\­drivers\­null.sys (92032 B, Win32/Rustock.NIH)
  • %system%\­drivers\­glaide32.sys (92032 B, Win32/Rustock.NIH)

The trojan may install the following system drivers (path, name):

  • %system%\­drivers\­beep.sys, Beep
  • %system%\­drivers\­null.sys, Null
  • %system%\­drivers\­glaide32.sys, Glaide32.sys
Other information

After the installation is complete, the trojan deletes the original executable file.

Please enable Javascript to ensure correct displaying of this content and refresh this page.