Analysis by: John Kevin Sanchez

 PLATFORM:

Windows

 OVERALL RISK RATING:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size: 68,591 bytes
File Type: PDF
Initial Samples Received Date: 22 Sep 2017

Arrival Details

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Other Details

This Trojan connects to the following possibly malicious URLs:
