Trojanspy.Win32.Banker
Posted: March 28, 2006
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 923 |
| First Seen: | July 24, 2009 |
|---|---|
| Last Seen: | May 29, 2023 |
| OS(es) Affected: | Windows |
This keylogger is designed to steal financial information, such as financial documents, passwords, etc. It scans the keylog, retrieves the valuable information and sends it to hacker. This keylogger belongs to a large money-stealing family of keyloggers, designed for illegal financial activity. It may also include a 'backdoor' function.
Trojanspy.Win32.Banker
Aliases
Trj/Banker.ITS [Panda]PSW.Banker.CXM [AVG]W32/Banker.TOA!tr [Fortinet]Troj/Bancb-Fam [Sophos]Heuristic.LooksLike.Win32.Suspicious.F [McAfee-GW-Edition]TrojWare.Win32.Spy.Banker.Gen [Comodo]Trojan-Banker.Win32.Banker.add [Kaspersky]Win32.Banker.add [eSafe]Win32:Banker-AKX [Trj] [Avast]W32/Banker.BWD [F-Prot]Artemis!2E40F0BD1D17 [McAfee]Win32.TrojanSpy.Banker.abg.d [CAT-QuickHeal]PSW.Banker6.ETM [AVG]W32/Banker.42FF!tr [Fortinet]Trojan/Win32.Gen [AhnLab-V3]
More aliases (793)
More aliases (793)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\crss.exe
File name: crss.exeSize: 64.51 KB (64512 bytes)
MD5: 8925257ccb1c2c2bd432e83ef0c457f5
Detection count: 206
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: April 14, 2017
wmiprevse.exe
File name: wmiprevse.exeSize: 86.01 KB (86016 bytes)
MD5: 9f188cb4273bfec742a29d995ce3d72c
Detection count: 95
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
winhlpj.exe
File name: winhlpj.exeSize: 870.91 KB (870912 bytes)
MD5: 1d841b8f7b37502b1eedbfea70479f6a
Detection count: 95
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 5, 2010
winhlpf.exe
File name: winhlpf.exeSize: 488.96 KB (488960 bytes)
MD5: 0156302f88e05dbcebc67c932a529ddf
Detection count: 94
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 5, 2010
imglog.exe
File name: imglog.exeSize: 1.21 MB (1212351 bytes)
MD5: 0cbec6f63d85d8d60dbaa09d07786022
Detection count: 86
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
C:\Users\<username>\Desktop\file.exe
File name: file.exeSize: 189.46 KB (189460 bytes)
MD5: 6ff126fbfba2d6cdac39a1122c4b27f7
Detection count: 60
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\Desktop
Group: Malware file
Last Updated: November 20, 2018
imola.exe
File name: imola.exeSize: 606.72 KB (606720 bytes)
MD5: bdcdf49382a9d6852726ea7d26955927
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 3, 2010
%APPDATA%\crss.exe
File name: crss.exeSize: 672.25 KB (672256 bytes)
MD5: 0da92039b232d0ddf65835319c565d22
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: April 14, 2017
Windows32.exe
File name: Windows32.exeSize: 3.99 MB (3995136 bytes)
MD5: b7ea7d0e80510679054de0ebdb72ebef
Detection count: 51
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
system.exe
File name: system.exeSize: 3.72 MB (3727360 bytes)
MD5: fecf1bf998b0e6b5331c2cc2f7c0b405
Detection count: 46
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: February 1, 2010
temp01.exe
File name: temp01.exeSize: 2.46 MB (2466677 bytes)
MD5: ae8a862aae6289c2d0362c9942d87242
Detection count: 45
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 28, 2010
Explorer.exe
File name: Explorer.exeSize: 621.56 KB (621568 bytes)
MD5: e34a0399592df0a799ac6e76788e83bf
Detection count: 41
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
%APPDATA%\crss.exe
File name: crss.exeSize: 90.11 KB (90112 bytes)
MD5: 7c6ef02afe5e2723c945a821c933531c
Detection count: 37
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: April 14, 2017
file.exe
File name: file.exeSize: 453.63 KB (453632 bytes)
MD5: 5b514664ec9c1f19b570942074b28b33
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 6, 2017
file.exe
File name: file.exeSize: 5.12 MB (5122048 bytes)
MD5: bd3aa3edf89b2c142925e05ae814168d
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: October 16, 2017
RunDLL31.exe
File name: RunDLL31.exeSize: 4.15 MB (4152320 bytes)
MD5: 18c432cdbfe28558bbba4e834bef6e16
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
msnmsgr.exe
File name: msnmsgr.exeSize: 422.91 KB (422912 bytes)
MD5: 21bfb6cf9a932eb07fe7dec7e061440f
Detection count: 10
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 15, 2010
krn4.exe
File name: krn4.exeSize: 4.79 MB (4798976 bytes)
MD5: 997870a187d84d65609d683c9952728a
Detection count: 6
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
%WINDIR%\svchosts.scr
File name: svchosts.scrSize: 819.71 KB (819712 bytes)
MD5: 2e40f0bd1d17ba2622dad3098a2c594a
Detection count: 5
Mime Type: unknown/scr
Path: %WINDIR%
Group: Malware file
Last Updated: October 17, 2012
More files
Registry Modifications
The following newly produced Registry Values are:
Regexp file mask%APPDATA%\crss.exe%USERPROFILE%\internet.dll
Regexp file mask%APPDATA%\crss.exe%USERPROFILE%\internet.dll
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.