Malware type: Trojan

Aliases: Trojan-Downloader.Win32.Banload.bxm (Kaspersky), PWS-Banker (McAfee), Downloader (Symantec), TR/Dldr.Delphi.Gen (Avira), Mal/Heuri-E (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Description: 

This Trojan arrives on a system as a file downloaded from the Internet or dropped by other malware.

It uses the following icon to trick the user into thinking that this Trojan is a non-malicious file:

Upon execution, this Trojan waits for an active Internet connection to redirect the Internet Explorer to certain sites. It then accesses certain other Web sites to download malicious files on the affected system.

The said files are detected as TSPY_BANKER and TSPY_BANCOS variants.

As a result, routines of the downloaded file are exhibited on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Oct. 11, 2007 2:37:27 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.