Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Threat Diagram shown below.
Malware Overview
This Trojan may be dropped by the following malware:
It drops a file which Trend Micro detects as TROJ_DLOADR.TXWQ. It then executes the dropped file. As a result, malicious routines of the dropped file are exhibited on the affected system. It then deletes the dropped file.
It calls the MoveFileExA API with the MOVEFILE_DELAY_UNTIL_REBOOT flag so that several files are dropped upon system reboot. Trend Micro detects some of the dropped files as TROJ_DLOADR.TXWQ.
It sets the time of the said file to April 27, 2003, 10:00:00 PM to trick users into believing that it is an old file from the system. It also creates a mutex to ensure that only one instance of itself is running in memory.
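Windows records moves delayed with MOVEFILE_DELAY_UNTIL_REBOOT in the `PendingFileRenameOperations` value under `HKLM\SYSTEM\CurrentControlSet\Control\Session Manager`, so the queued drops can be reviewed before the reboot. The following triage sketch is an added example, not part of the original write-up: the function names, the executable-extension heuristic, the local-time reading of the timestamp and the sample entries are all assumptions made for illustration.

```python
from datetime import datetime

# Timestamp the write-up says is stamped on the file (time zone assumed local).
STAMPED = datetime(2003, 4, 27, 22, 0, 0)
EXEC_EXT = (".exe", ".dll", ".sys")  # assumed triage heuristic, not from the page

def _strip(path):
    # Entries are NT paths: optional "!" (replace existing), then "\??\".
    path = path.lstrip("!")
    return path[4:] if path.startswith("\\??\\") else path

def parse_pending_renames(multi_sz):
    """Pair REG_MULTI_SZ strings into (source, destination, replace) operations.
    An empty destination means the source is deleted at boot (destination=None)."""
    ops = []
    for i in range(0, len(multi_sz) - 1, 2):
        src, dst = multi_sz[i], multi_sz[i + 1]
        ops.append((_strip(src), _strip(dst) or None, dst.startswith("!")))
    return ops

def boot_time_drops(ops):
    """Moves (not deletes) that will place an executable file at reboot."""
    return [op for op in ops if op[1] and op[1].lower().endswith(EXEC_EXT)]

def looks_backdated(mtime, tolerance_s=60):
    """True if a file's modified time matches the stamped value."""
    return abs((mtime - STAMPED).total_seconds()) <= tolerance_s

# Constructed sample data, not taken from an infected host.
SAMPLE = [
    "\\??\\C:\\Temp\\a1.tmp", "!\\??\\C:\\Windows\\System32\\example.dll",
    "\\??\\C:\\Temp\\setup.log", "",
]

if __name__ == "__main__":
    for src, dst, replace in boot_time_drops(parse_pending_renames(SAMPLE)):
        print(f"review: {src} -> {dst} (replace={replace})")
    print(looks_backdated(datetime(2003, 4, 27, 22, 0, 0)))
```

Legitimate installers and updaters also queue delayed moves, so a flagged entry is a lead for review rather than a verdict.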
Description created: May. 7, 2009 3:57:44 AM GMT -0800