Home Malware Programs Trojans TROJ_HILOTI.FNZ

TROJ_HILOTI.FNZ

Posted: August 27, 2010

TROJ_HILOTI.FNZ is a malicious Trojan which causes problems for PC users once active on a targeted system. TROJ_HILOTI.FNZ uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. TROJ_HILOTI.FNZ takes advantage of a vulnerability in Adobe Reader and Acrobat and should be removed from the system immediately. Once the vulnerability is successfully exploited, attackers could make unauthorized cross-domain requests from the affected system.

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{random characters}HKEY..\..\..\..{RegistryKeys}{random characters}= rundll32.exe {malware path and filename},Startup{random characters}= rundll32.exe {malware path and filename},iep
Loading...