Win32/TrojanDownloader.Small.AGX [Threat Name] go to Threat

Win32/TrojanDownloader.Small.AGX [Threat Variant Name]

Category trojan
Size 7168 B
Detection created Nov 25, 2014
Detection database version 10777
Short description

Win32/TrojanDownloader.Small.AGX is a trojan which tries to download other malware from the Internet.

Installation

The trojan does not create any copies of itself.

Information stealing

The trojan collects the following information:

  • information about the operating system and system settings

The trojan attempts to send gathered information to a remote machine.

Other information

The trojan contains a URL address.


It tries to download a file from the address.


The file is stored in the following location:

  • %appdata%\­%existingfolder%\­winup.exe

The HTTP protocol is used. The file is then executed.


The trojan creates the following file:

  • %startup%\­winup.lnk

The file is a shortcut to a malicious file.


The trojan may set the following Registry entries:

  • [HKEY_CURRENT_USER\­SOFTWARE\­Microsoft\­Windows\­CurrentVersion\­Run]
    • "TimeUpdater" = "%appdata%\­%existingfolder%\­winup.exe"

This causes the trojan to be executed on every system start.

Please enable Javascript to ensure correct displaying of this content and refresh this page.