Threat Encyclopedia

Home > Threat Center > Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

O
P
Q
R
S
T
U
V
W
X
Y
Z
Glossary

Win32/PSW.VB.NEY

Aliases:	Trojan-Downloader.Win32.VB.mxw (Kaspersky), TrojanDownloader:Win32/Troxen!rts (Microsoft), Generic Downloader.x!dny trojan (McAfee)
Type of infiltration:	Trojan
Size:	73730 B
Affected platforms:	Microsoft Windows
Signature database version:	4989 (20100331)

Short description

Win32/PSW.VB.NEY installs a backdoor that can be controlled remotely.

Installation

When executed the trojan copies itself in the following locations:

%system%data0012a.txt.txt
%system%data0012a.txt.exe

The trojan creates the following files:

%startup%santa.bat

In order to be executed on every system start, the trojan sets the following Registry entry:

[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion
Run]
"Winsys32sys" = "%system%data0012a.txt.exe"

Other information

The trojan acquires data and commands from a remote computer or the Internet. The trojan contains a list of (1) URLs. The HTTP protocol is used.

It can execute the following operations:

download files from a remote computer and/or the Internet
run executable files

All Products:

Cart About ESET Partners United States and Canada

© 2012 ESET North America. All rights reserved. Trademarks used herein are trademarks or registered trademarks of ESET spol. s r.o. or ESET North America.
All other names and brands are registered trademarks of their respective companies.