Trojan-Downloader.Win32.Genome.bxzy

Removal Instructions

If your computer was not protected by anti-virus software and has been infected with this malware, take the following actions to remove it:

  1. Delete the original program file (its location on the infected computer will depend on how the program got onto the computer).
  2. Delete the following file:
    c:\antivirus.exe

  3. Run a full Kaspersky Antivirus scan of the computer with updated antivirus databases.


    MD5: 1b33158711b732bb409f817235977550
    SHA1: f4a869b197bada22a4b01c81a87608cd2a43ddce

    Payload

    When launched, the trojan downloads a file from the internet from the following link:

    http://opx1230.***eave.com/sekso/seko.exe

    The link was not working when this description was written.


    The downloaded file is saved under the following name:

    c:\antivirus.exe

    This file is then launched and the trojan shuts down.

    Technical Details

    A trojan program that downloads files from the internet and launches them without the user's knowledge. It is a Windows application (PE-EXE file), 7680 bytes in size, packed with WWPack32. The unpacked size is around 14 kB. It is written in C++.
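A read-only sweep that supports removal steps 1 and 2, as an added example that is not part of the original description: because the location of the original program file varies, it walks a directory tree, uses the 7680-byte size as a cheap filter, confirms candidates against both the MD5 and SHA1 listed here, and checks for c:\antivirus.exe. The function names and the scan-root argument are assumptions of this example, as is treating the listed hashes as those of the 7680-byte downloader file.

```python
import hashlib
import os
import sys

# Indicators from this description (hashes assumed to be the downloader's).
TROJAN_MD5 = "1b33158711b732bb409f817235977550"
TROJAN_SHA1 = "f4a869b197bada22a4b01c81a87608cd2a43ddce"
TROJAN_SIZE = 7680                      # bytes, packed file
DROPPED_PATH = r"c:\antivirus.exe"      # name the downloaded file is saved under


def file_digests(path):
    """Return (md5, sha1) hex digests of a file, read in chunks."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            md5.update(chunk)
            sha1.update(chunk)
    return md5.hexdigest(), sha1.hexdigest()


def find_downloader(root, md5=TROJAN_MD5, sha1=TROJAN_SHA1, size=TROJAN_SIZE):
    """Walk root and return paths whose size and both digests match."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                # Size check first, so only same-size candidates get hashed.
                if os.path.getsize(path) != size:
                    continue
                if file_digests(path) == (md5, sha1):
                    hits.append(path)
            except OSError:
                continue  # locked or unreadable file: skip, keep sweeping
    return hits


def dropped_file_present(path=DROPPED_PATH):
    """True if the file the trojan saves and launches exists at path."""
    return os.path.isfile(path)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "C:\\"
    for hit in find_downloader(root):
        print("downloader copy:", hit)
    if dropped_file_present():
        print("dropped file present:", DROPPED_PATH)
```

The script only reports paths; deletion and the full anti-virus scan remain the manual steps listed under Removal Instructions.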