Trojan-Downloader.Win32.Agent.brk
Trojan-Downloader.Win32.Agent.brk is a trojan downloader that attempts to download malware by sending an HTTP GET command along with personal information of the computer. Trojan-Downloader.Win32.Agent.brk may also generate large numbers of popup adverts, and it will also attempt to bypass the Windows Firewall. The downloaded malware has been identified as Rootkit.Win32.Agent.ey which makes the infected computer become an e-mail spam bot.
Trojan-Downloader.Win32.Agent.brk is being distributed in emails with subjects like:
Good summer
Sunrise in your life
Life will be better
Life is good
Do it for pleasure
Good summer, dude
Wanna be slim?
Be like me!
Paradice in bed
Two Telephone Calls And An Air
To be slim
File System Modifications
- The following files were created in the system:
# File Name 1 1.exe 2 1184221489.exe 3 2.exe 4 7.exe 5 atom.exe 6 atom[1].exe 7 d1.exe 8 lanmandrv.sys 9 lanmanwrk.exe 10 loader.exe 11 loader1.exe 12 loader_testing.exe 13 n.exe 14 oader_3.exe 15 qmockfoh.exe 16 qmopt.dll 17 shdqvaaa.exe 18 socks.exe 19 sqvxga7met4.exe 20 sss1.exe 21 startdrv.exe 22 svchostes.exe 23 tol.exe 24 winand.exe 25 winatm.exe 26 windar.exe 27 winpar.exe 28 winrkl.exe
The e-mail attachment found in Trojan-Downloader.Win32.Agent.brk has been updated and named bsaver.zip.
2exe infcted