TrojanDownloader:Win32/Bradop.A

TrojanDownloader:Win32/Bradop.A Description



TrojanDownloader:Win32/Bradop.A is the downloader component for a banking Trojan family that, like many others, focuses on stealing account logins from Brazilian banks. TrojanDownloader:Win32/Bradop.A is distributed by fraudulent e-mail messages that include embedded images with shortened links to TrojanDownloader:Win32/Bradop.A; after its launch, TrojanDownloader:Win32/Bradop.A will proceed with installing a second component that’s responsible for stealing personal information. SpywareRemove.com malware researchers rank TrojanDownloader:Win32/Bradop.A and its relatives as high-level PC threats that should be removed with sophisticated anti-malware products, since TrojanDownloader:Win32/Bradop.A and its kin use multiple components and standard spyware techniques to avoid being detected while they steal account login data.

TrojanDownloader:Win32/Bradop.A: Just the Start of Your Problems if You’re Too Careless with Your Clicks


As a Trojan that preferentially attacks Brazilian banks, TrojanDownloader:Win32/Bradop.A’s e-mail messages also focus on Brazilian victims by including Portuguese text and references to Brazil-based organizations like Serasa. These messages include fake receipt images while claiming to offer information about a recent financial transaction, but the receipt is actually just the bait in which TrojanDownloader:Win32/Bradop.A hides its link. Once clicked, this link (which SpywareRemove.com security analysts have discovered to be shortened with a generic Bitly service) will install TrojanDownloader:Win32/Bradop.A.
In some cases, a separate web page with some minor Brazilian content, such as news articles, will also be opened to distract you from the fact that your PC is being attacked.

TrojanDownloader:Win32/Bradop.A is responsible for both installing and automatically running a second component of its attack, TrojanSpy:Win32/Bradop.B. TrojanSpy:Win32/Bradop.B will attempt to monitor and steal information from Brazilian bank sites, e-mail accounts, social networking accounts and also accounts for some web domain hosts. SpywareRemove.com malware researchers encourage you to scan your PC to remove both TrojanDownloader:Win32/Bradop.A and TrojanSpy:Win32/Bradop.B, since they’re unlikely to respond to normal software removal techniques with any degree of cooperation. Afterwards, changing any potentially-compromised passwords and other security information is also strongly recommended.

How You Can Keep TrojanDownloader:Win32/Bradop.A’s Cadre of Spies Off of Your PC


Although TrojanDownloader:Win32/Bradop.A has been reported in the wild only since May 2012, its e-mail messages have already been viewed tens of thousands of times, with a staggering estimated installation success rate of just over sixty percent. In light of this, SpywareRemove.com malware researchers strongly encourage Brazilian PC users to be cautious about viewing or interacting with e-mail messages from unusual sources. As a cautionary tip, reputable financial organizations will never send links embedded in banner images or use file attachments, since these are common security hazards that TrojanDownloader:Win32/Bradop.A and other PC threats exploit for their own purposes.

While most of TrojanDownloader:Win32/Bradop.A’s attacks are concerned with victimizing Brazilian bank customers, some aspects of TrojanDownloader:Win32/Bradop.A’s payload can also attack non-Brazilian information, including Twitter, Hotmail and Gmail accounts. The presence of banking Trojans or associated PC threats like TrojanDownloader:Win32/Bradop.A should always be considered a danger to your computer until the situation is resolved via anti-malware software or a PC security expert.





Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # | File Name | Detection Count
    1 | file.exe | 372
    2 | fonghas.dmp | 365
    3 | wherd5.exe | 351
    4 | file.exe | 344
    5 | \inf\machineusa.inf | N/A
    6 | \inf\machine1.inf | N/A
    7 | \inf\machinez.inf | N/A
    8 | %Temp%\strFileDestVar1.cpl | N/A
    9 | %windir%\System32\rundll32.exe Shell32.dll,Control_RunDLL "%temp%\strFileDestVar1.cpl" | N/A
    10 | %windir%\\ | N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to back up your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following Registry values were newly created:
    HKEY..\..\{Value}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "" = "%windir%\SysTem32\rundll32.exe Shell32.dll,Control_RunDLL "%temp%\strFileDestVar1.cpl""
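The Run entry above starts a Control Panel applet (.cpl) from %temp% through rundll32 at every logon. The following check is an added example, not part of the original write-up: it parses saved output of `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run` and flags any autorun that hands Shell32.dll,Control_RunDLL a .cpl from a user-writable location. The value names and the two benign entries in the sample are constructed, and the list of user-writable locations is an assumption.

```python
import re

# One value line of `reg query` output: 4-space indent, then name, type, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

# rundll32 passing a .cpl to Shell32.dll,Control_RunDLL. Case-insensitive:
# the entry listed on this page is spelled "SysTem32".
CPL_LAUNCH = re.compile(
    r'rundll32(?:\.exe)?"?\s+"?shell32(?:\.dll)?"?\s*,\s*Control_RunDLL\s+'
    r'"?(?P<cpl>[^"]+?\.cpl)\b',
    re.IGNORECASE,
)

# Assumed list of locations a standard user can write to; stock applets
# normally live under System32.
USER_WRITABLE = re.compile(
    r"%temp%|%tmp%|%appdata%|%localappdata%|\\appdata\\|\\temp\\", re.IGNORECASE
)

# Constructed sample of `reg query` output. Only the data of the last value
# comes from the page; its name ("Updater") is made up for the example.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Sound Applet    REG_SZ    rundll32.exe shell32.dll,Control_RunDLL C:\Windows\System32\mmsys.cpl
    Updater    REG_SZ    %windir%\SysTem32\rundll32.exe Shell32.dll,Control_RunDLL "%temp%\strFileDestVar1.cpl"
"""

def parse_reg_query(text):
    """Yield (key, value_name, data) for every value in `reg query` output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        m = VALUE_LINE.match(line)
        if m and key:
            yield key, m["name"], m["data"]

def suspicious_autoruns(text):
    """Return autoruns that load a .cpl from a user-writable location."""
    hits = []
    for key, name, data in parse_reg_query(text):
        m = CPL_LAUNCH.search(data)
        if m and USER_WRITABLE.search(m["cpl"]):
            hits.append((key, name, m["cpl"]))
    return hits

if __name__ == "__main__":
    for key, name, cpl in suspicious_autoruns(SAMPLE):
        print(f"{key} [{name}] loads {cpl}")
```

The same check applies to the per-user HKEY_CURRENT_USER Run key; a hit is a lead for investigation rather than proof of this specific family.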
Posted: June 19, 2012
Threat Level: 9/10
Detection Count: 75