Trojan.Clicker.MNB
VERY LOW
VERY LOW
4672
(Trojan-Downloader.Win32.Tiny.id, Trojan.Downloader.26570,W32/Downloader2.ALU)
Symptoms
Presence of the HKEY_CURRENT_USER\SOFTWARE\Microsoft\CAC registry key.
Presence of an unexpected network connection to the 65.243.x.x host.
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Daniel RADU, virus researcher
Technical Description:
The trojan obtains a unique UUID for the computer, which is used to identify it and is sent using the GET method to a PHP script located on an Internet server:
http://65.243.X.X/trafc-2/rfe.php[..]
The malware deletes itself after execution.
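Because the sample deletes itself, web proxy logs are one of the few places the check-in stays visible. The following is an added example, not part of the original write-up, that scans proxy log lines for GET requests to the script path on the masked 65.243.x.x range. The log layout, the function name `find_checkins`, and every sample line (including the last two host octets and the query string, which the page elides) are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicators from the description. The page masks the last two octets of the
# host, so the whole 65.243.0.0/16 range is matched (expect false positives).
C2_NET = ipaddress.ip_network("65.243.0.0/16")
C2_PATH = "/trafc-2/rfe.php"

# Assumed log layout: "<timestamp> <client-ip> <METHOD> <url> <status>"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d{3})$")

# Constructed sample data; host octets after 65.243 and the query are placeholders.
SAMPLE_LOG = [
    "2000-01-01T10:00:00Z 10.0.0.5 GET http://65.243.0.1/trafc-2/rfe.php?x=constructed 200",
    "2000-01-01T10:00:05Z 10.0.0.6 GET http://example.com/index.html 200",
    "2000-01-01T10:00:09Z 10.0.0.7 POST http://65.243.0.1/trafc-2/rfe.php 200",
    "2000-01-01T10:00:12Z 10.0.0.8 GET http://65.244.0.1/trafc-2/rfe.php 404",
    "garbage line",
]

def find_checkins(lines):
    """Return (timestamp, client, url) for GET requests matching the indicators."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed layout
        ts, client, method, url, _status = m.groups()
        if method.upper() != "GET":
            continue  # the description reports GET only
        parts = urlsplit(url)
        try:
            host = ipaddress.ip_address(parts.hostname or "")
        except ValueError:
            continue  # request went to a hostname, not an IP literal
        # Prefix match on the path: the page elides whatever follows rfe.php.
        if host in C2_NET and parts.path.lower().startswith(C2_PATH):
            hits.append((ts, client, url))
    return hits

if __name__ == "__main__":
    for ts, client, url in find_checkins(SAMPLE_LOG):
        print(f"{ts} client={client} url={url}")
```

A client flagged here can then be checked for the HKEY_CURRENT_USER\SOFTWARE\Microsoft\CAC key listed under Symptoms.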