Trojan-Banker.Win32.Banbra.ukb
Trojan-Banker.Win32.Banbra.ukb is a malicious Trojan designed to steal banking details. It uses stealth tactics to enter the PC and then downloads other harmful files from the Internet. It steals financial data such as credit card numbers and online banking login details by taking screen snapshots of user activity. It also downloads additional components and poses a severe security risk to the computer.
File System Modifications
- The following files were created in the system:
Registry Modifications
- The following Registry Values were newly created: