Win32/DataStealer [Threat Name] go to Threat

Win32/DataStealer.E [Threat Variant Name]

Category trojan
Size 237630 B
Detection created Nov 05, 2012
Signature database version 7660
Aliases Trojan.Win32.Agentb.fqo (Kaspersky)
Short description

Win32/DataStealer.E is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine.

Installation

The trojan does not create any copies of itself.

Information stealing

Win32/DataStealer.E is a trojan that steals sensitive information.


The trojan searches local drives for files with the following file extensions:

  • .jpg
  • .jpeg
  • .dmp

The trojan attempts to send gathered files to a remote machine.


The trojan contains a list of (1) addresses. The FTP protocol is used.

Other information

The trojan executes the following commands:

  • for /r C:\­%x in (*.jpg *.jpeg *.dmp) do @copy /y %x C:\­
  • for /r D:\­%x in (*.jpg *.jpeg *.dmp) do @copy /y %x C:\­
  • for /r E:\­%x in (*.jpg *.jpeg *.dmp) do @copy /y %x C:\­

Please enable Javascript to ensure correct displaying of this content and refresh this page.