TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TSPY_BAYROB.B
Overview
Solution
Technical Details

QUICK LINKS  

Download the latest scan engine

TypeSpyware

In the wild: No

Destructive: No

Language: English

Systems affected: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

 Low

Reported detections:

 Low

System  impact:

 High

Information exposure:

 High

Infection Channel 1Spammed via email

 

Description:

To get a one-glance comprehensive view of the behavior of this spyware, refer to the Behavior Diagram shown below.

TSPY_BAYROB.B Behavior Diagram

Spyware Overview

This spyware arrives as attachment to email messages spammed by another malware or a malicious user.

It drops a copy of itself. It drops non-malicious files. It executes one of the non-malicious files to hide its malicious routine. The said file is a damaged Kodak Viewer Express.

This spyware monitors the browsing habits of the user and waits until the said user logs on to eBay Web sites. It then connects to a certain Web site and attempts to place a bid.

It also connects to other Web sites. However, as of this writing, the said Web sites are inaccessible.

For additional information about this threat, see:
Solution
Technical Details



Tell us how we did. Take our quick survey.