Win32/TrojanDownloader.Blocrypt [Threat Name] go to Threat

Win32/TrojanDownloader.Blocrypt.C [Threat Variant Name]

Category trojan
Size 147706 B
Detection created Jul 02, 2014
Detection database version 10032
Aliases TR/Rogue.11421652 (Avira)
Short description

Win32/TrojanDownloader.Blocrypt.C is a trojan which tries to download other malware from the Internet. The trojan is usually a part of other malware.


The trojan does not create any copies of itself.

The trojan creates and runs a new thread with its own program code in all running processes.

Other information

The trojan acquires data and commands from a remote computer or the Internet.

The trojan contains a list of (8) URLs. The TCP protocol is used.

It can execute the following operations:

  • download files from a remote computer and/or the Internet
  • run executable files
  • create Registry entries
  • set up a proxy server
  • update itself to a newer version

The trojan keeps various information in the following Registry key:

  • [HKEY_CURRENT_USER\­Software\­Microsoft\­SystemCertificates\­CA\­Certificates\­5A82739996ED9EBA18F1BBCDCCA62D2C1D670C]

Please enable Javascript to ensure correct displaying of this content and refresh this page.