Trojan.Dialer.EG
MEDIUM
VERY LOW
87,656 bytes, packed with UPX
()
Symptoms
Presence of Montorgueil directory under %ProgramFiles% directory.
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Alexandru Maximciuc, virus researcher
Technical Description:
This Trojan is a Hot/Elite Dialer, used to access pornographic material by dialing a high-cost number.
When first run, creates a directory with the same name as the executable used to launch the program under %ProgramFiles%\Montorgueil\ where it copies itself
(i.e.: if the user starts MyDialer.exe, then the trojan will copy itself as %ProgramFiles%\Montorgueil\MyDialer\MyDialer.exe)
Creates registry entries under HKCU\Software\Montorgueil\Kit\
SHARE
THIS ON