Threat Encyclopedia

Home > Threat Center > Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

O
P
Q
R
S
T
U
V
W
X
Y
Z
Glossary

Short description

The trojan tries to download a file from the Internet. The file is then executed.

Installation

The trojan does not create any copies of itself.

The following files are dropped into the %system%\drivers\ folder:

%random_name%.sys (33952 B)

%random_name% stands for a random text.

Installs the following system drivers:

%system%\drivers\%random_name%.sys

The following Registry entries are created:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
%random_name%]
"Type" = 1
"Start" = 1
"ErrorControl" = 0
"ImagePath" = "\SystemRoot\%system%\drivers\
%random_name%.sys"

more...

Other information

The trojan contains a list of (1) URLs. It tries to download a file from the address.

The file is then saved as "mirabella_exp5_m.exe" and executed. The HTTP protocol is used.

All Products:

Cart About ESET Partners United States and Canada

© 2012 ESET North America. All rights reserved. Trademarks used herein are trademarks or registered trademarks of ESET spol. s r.o. or ESET North America.
All other names and brands are registered trademarks of their respective companies.