TROJ_DLOADR.NHG
TrojanDownloader:Win32/Upatre (Microsoft)
Windows
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives as an attachment to mass-mailed email messages. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
TECHNICAL DETAILS
25,088 bytes
EXE
28 Nov 2014
Arrival Details
This Trojan arrives as an attachment to mass-mailed email messages.
It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Download Routine
This Trojan then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
Other Details
This Trojan connects to the following possibly malicious URLs:
- http://{BLOCKED}ign.com/site_images/sec_photos/t2.pnd
- http://{BLOCKED}e.co.uk/t2.pnd
- http://{BLOCKED}.{BLOCKED}.222.238:11499/2811uk2/{computername}/-/{OS Version}-{Service Pack}/0/