Virus:TR/Spy.Zbot.gay
Date discovered:18/08/2010
Type:Trojan
Subtype:Downloader
In the wild:Yes
Reported Infections:Medium
Distribution Potential:Medium
Damage Potential:Medium to high
Static file:Yes
File size:126.528 Bytes
MD5 checksum:a1d17eddc4e8ca9d1cd2bc12ad3cb942
IVDF version:7.10.11.01 - Monday, August 23, 2010

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Backdoor.Win32.Bredolab.hdt
   •  F-Secure: Trojan:W32/Agent.DKKG
   •  Sophos: Troj/MDrop-CVA
   •  Panda: Trj/CI.A
   •  Eset: Win32/Spy.Zbot.YW
   •  AhnLab: Win-Trojan/Agent.126528.C
   •  DrWeb: Trojan.PWS.Panda.428
   •  Ikarus: Trojan.Injector
   •  Norman: W32/Smalltroj.ZJAJ

It was previously detected as:
   •  TR/Injector.AL


Platforms / OS:
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Lowers security settings
   • Drops files
   • Drops a malicious file
   • Registry modification
   • Steals information
Description inserted by Carlos Valero Llabata on Monday, August 23, 2010
Description updated by Carlos Valero Llabata on Monday, August 23, 2010

Back . . . .