| Win32/TrojanDownloader.Bredolab.AA is a detection for a stealthy trojan that infects computers through Adobe .swf and .pdf files and then downloads and executes additional malware files on the system over HTTP. The Bredolab.AA trojan may also enter the system with the help of other downloader families such as Win32/TrojanDownloader.FakeAlert, Exploit:Win32/Pdfjsc, or other trojans. The trojan connects to remote IP addresses; the threats it downloads and executes may include spyware, adware, bots, trojans, worms, rootkits and various password stealers.
When executed, Win32/TrojanDownloader.Bredolab.AA copies itself into Windows system locations and launches processes such as explorer.exe and svchost.exe. The trojan may also create copies of files such as zqosys32.exe, ntdll.dll, kernel32.dll, wiaserva.lo
and change registry entries to load itself on every system boot-up.
|