Posts Tagged ‘Trojan.PWS.Panda’

Doctor Web, a Russian developer of IT security software, informs users that several malicious programs are being distributed through Trojan.PWS.Panda.2395 peer-to-peer networks, using a very interesting mechanism to infect computers. These programs are capable of massive DDoS attacks and of sending spam.

The victim's computer is infected using the widespread Trojan.PWS.Panda.2395. In the first stage of infection, an executable file containing an encrypted malicious module is downloaded to the victim's PC through the peer-to-peer network supported by the Trojan. After successful decryption, it launches another module that reads into computer memory the image of another malicious application, detected by Dr.Web anti-virus software as a member of the Trojan.DownLoader family.

The program is saved to the user account as an executable file with a random name and then modifies the Windows registry so that it runs automatically when the operating system loads.

Virus Alert

Malware: Trojan.PWS.Panda.2395

Technical information

To ensure autorun and distribution:

Modifies the following registry keys:

  • [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{1D476073-5E7F-AD41-B897-60D4A63F43C6}' = '"%APPDATA%\Ubbifa\ykud.exe"'
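
A triage check for the autorun entry listed above, as an added example that is not part of the original post or of Dr.Web's tooling: it parses `reg query` output for the HKCU Run key and flags values whose name is a bare GUID or whose data points to an executable exactly one folder below %APPDATA%. The sample output, the user name and the two benign entries are constructed, and both heuristics are assumptions drawn from the single entry shown on this page.

```python
import re

# Constructed sample of `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run`
# output; the user name and the two benign entries are made up for illustration.
SAMPLE_REG_QUERY = r'''
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    {1D476073-5E7F-AD41-B897-60D4A63F43C6}    REG_SZ    "C:\Users\alice\AppData\Roaming\Ubbifa\ykud.exe"
    Notes Helper    REG_EXPAND_SZ    %APPDATA%\NotesHelper\bin\helper.exe --tray
'''

# `reg query` separates name, type and data with four spaces.
VALUE_LINE = re.compile(r'^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$')
# Value name that is nothing but a brace-wrapped GUID, as in the entry on this page.
GUID_NAME = re.compile(r'^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$')
# An .exe exactly one folder below the roaming profile (%APPDATA%\<dir>\<file>.exe),
# in either the unexpanded or the expanded form.
APPDATA_EXE = re.compile(
    r'(?:%APPDATA%|\\AppData\\Roaming)\\[^\\"]+\\[^\\"]+\.exe', re.IGNORECASE)


def parse_run_values(text):
    """Yield (name, type, data) for every value line in `reg query` output."""
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            yield m.group('name'), m.group('type'), m.group('data').strip()


def triage(text):
    """Return [(name, data, reasons)] for entries matching the pattern on this page."""
    findings = []
    for name, _type, data in parse_run_values(text):
        reasons = []
        if GUID_NAME.match(name):
            reasons.append('guid-value-name')
        if APPDATA_EXE.search(data):
            reasons.append('exe-one-level-under-appdata')
        if reasons:
            findings.append((name, data, reasons))
    return findings


if __name__ == '__main__':
    for name, data, reasons in triage(SAMPLE_REG_QUERY):
        print(f'{name} -> {data}  [{", ".join(reasons)}]')
```

A hit is a lead for review, not a verdict: legitimate software also installs under %APPDATA%, so confirm the file with an anti-virus scan before removing the value.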