Threat Information for "Trojan.DownLoader.7376"

Removal

Summary

Description

Technical Details

Removal

Top

StopSign will automatically remove this infection with a paid membership.

Summary

Top

Name: Trojan.DownLoader.7376
Aliases:
Date Discovered: 2007-02-27
Protection Added: 2007-03-07

Description

Top

-- Ease of Removal

1: Consistent file contents
2: Uses running processes
3: File names randomly generated from a hard-coded list

-- Privacy Risks/Security Changes

1: Mimics legitimate file names

-- Damage/Intrusion/Annoyance

1: Autoruns at startup without an option to be disabled
2: Creates new files
3: Downloads other threats

-- Propagation/Saturation

1: Infects from a link in an email
2: Infects from an email attachment

Technical Details

Top

Added Registry Data:
Key: HKCU\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: *lsass.exe* wildData=TRUE
Added Registry Data:
Key: HKU\S-*\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: *lsass.exe* wildData=TRUE

Membership
Products
- StopSign
- System Requirements
Downloads
Support
- FAQ
- Getting Started
- Helpfiles
- Library
Company
- Press
  - Software Requests
- Investors
- Careers
  - Listings
- Partners
  - Computer Repair Shop
- Trademarks
- Privacy
- Legal
  - EULA
  - T4C Terms
- Terms Of Use
Contact
- Survey
Research
- Search
- Glossary
- Whitepapers
  - Antivirus
  - Firewall
  - Phishing
  - Spyware
- Submit Sample
Sitemap