29 September 2015
Description of malware class
A malicious program that stealthily installs other malicious programs, which are contained in the body of this type of Trojan, on a computer without the user's authorization.
In most cases, this type of malware saves other files to the disk of the victim computer (usually in the Windows folder, a Windows system folder, a temporary folder, etc.) and runs them without displaying any notifications (or sometimes with deceptive notifications about an archive error, invalid operating system version, and so forth).
By using programs of this class, hackers achieve two goals:
- Installing Trojans and viruses in a stealthy way.
- Preventing detection by anti-virus software, since not all anti-virus software is able to scan all the components inside such Trojans.
Description of platform
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.
Description of malware family
These malicious programs install other malware, which is contained within the program, and run it on an infected computer without the user's knowledge.
Geographical distribution of attacks by the Trojan-Dropper.Win32.Agent family
Geographical distribution of attacks during the period from 27 September 2014 to 27 September 2015
Top 10 countries with most attacked users (% of total attacks)
|Country||% of users attacked worldwide*|
* Percentage among all unique Kaspersky Lab users worldwide who were attacked by this malware