Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Panda Security’s weekly report on viruses and intruders

July 2008 by Panda

This week’s PandaLabs report looks at the Manyasu.A, FJoiner.A and Sinowal.VNL Trojans.

Manyasu.A is an annoying Trojan that slows down all system processes, affecting the computer’s performance.

If a file containing the Trojan is run, it creates three copies of itself under the names k.exe, winllg.exe and winlng.exe. The original file and the three copies all run in resident mode, and make yet another copy, called s.exe. This last file is created and then eliminated repeatedly, creating a loop that slows down the system.

FJoiner.A is a Trojan designed to steal confidential information. This malicious code reaches computers in a file which has a typical image file icon.

In fact, if run, an image is displayed. This is just to mask the real action that the Trojan is performing. It injects code into explorer.exe and iexplore.exe files, causing them to search for confidential data (passwords, etc.) and send it to an Internet address.

Finally, Sinowal.VNL, like other variants of this prolific family of Trojans, is designed to steal passwords and bank details. It can also spoof or tamper with the Web pages of certain banks. For example, it can add a new field to online forms.




See previous articles

    

See next articles