TSPY_BANKER.FGB
October 09, 2012
ALIASES:
Win32/Spy.Banker.WEH trojan (NOD32); W32/Banker.GYD!tr.pws (Fortinet)
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
REPORTED INFECTION:
SYSTEM IMPACT RATING:
INFORMATION EXPOSURE:
![](/vinfo/imgFiles/legend.jpg)
Threat Type: Spyware
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It requires its main component to successfully perform its intended routine.
TECHNICAL DETAILS
File Size:
445,440 bytes
File Type:
EXE
Memory Resident:
Yes
Initial Samples Received Date:
27 Mar 2012
Arrival Details
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Other Details
This spyware requires its main component to successfully perform its intended routine.
NOTES:
This spyware is capable of modifying the access control list (ACLS) on the following files:
- %Windows%\Downloaded Program Files\*.dll
- %Windows%\Downloaded Program Files\*.gpc