Threat Encyclopedia

Home > Threat Center > Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

O
P
Q
R
S
T
U
V
W
X
Y
Z
Glossary

Short description

Win32/TrojanDownloader.Swizzor.AG is a trojan which tries to download other malware from the Internet. The file is run-time compressed using UPC .

Installation

The trojan does not create any copies of itself.

The trojan may display the following message:

Other information

The trojan connects to the following addresses:

http://%randomstr%.bins.lop.com/bins/[%removed%]

%randomstr% stands for a random text.

It tries to download several files from the addresses.

These are stored in the following locations:

%temp%\Rem%variable%.TMP

A string with variable content is used instead of %variable% .

The trojan creates copies of the following files (source, destination):

%temp%\Rem%variable%.TMP, %temp%\Rem%variable%.TMP.exe

The trojan executes the following command:

%temp%\Rem%variable%.TMP.exe -Curl a9e72fc9 -MpX70000011

All Products:

Cart About ESET Partners United States and Canada

© 2012 ESET North America. All rights reserved. Trademarks used herein are trademarks or registered trademarks of ESET spol. s r.o. or ESET North America.
All other names and brands are registered trademarks of their respective companies.