Trojan-Downloader.Win32.VB.aoff
Trojan-Downloader.Win32.VB.aoff is a banking Trojan that has been wreaking havoc since the summer of 2011. This dangerous malware threat is designed to enter a computer, disable most of its security measures, and then allow criminals to steal the victim's banking information (such as account numbers, account login names, passwords, and credit card information). Trojan-Downloader.Win32.VB.aoff is designed to affect the Windows boot loader, which makes it a particularly vicious malware infection. Trojan-Downloader.Win32.VB.aoff seems to originate in Brazil, a country that PC security researchers will recognize as a source of many of the most common banking Trojans. It propagates mainly through email phishing scams, usually in the form of an embedded link or an attached file. For this reason, ESG malware analysts strongly advise against clicking on links or downloading attachments contained in any unsolicited email.
Understanding a Trojan-Downloader.Win32.VB.aoff Trojan Infection
Clicking on the link in these malicious emails downloads a couple of files hosted on Amazon's Web Services cloud. These files, whose names resemble those of a Microsoft anti-virus application (such as 'msclean' and 'msantivirus'), are actually designed to enter the infected computer's boot loader so that they start up even before the infected computer's operating system is launched. This allows Trojan-Downloader.Win32.VB.aoff's associated malware to operate completely undetected on the victim's computer system. Once installed, the files downloaded by Trojan-Downloader.Win32.VB.aoff replace ntldr (Windows' default boot loader) with a malicious version of GRUB, which is specifically designed to execute the criminal's commands. This boot loader can then start up a Linux-based operating system which automatically removes security plug-ins associated with Brazilian banks as well as most of Microsoft's security defenses, leaving the victim's computer system completely open to attack.
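The ntldr replacement described above can be checked from outside the affected system. The following is an added example, not code from ESG or SpyHunter: it hashes the `ntldr` file in the root of an offline-mounted volume, compares it with a known-good SHA-256 supplied by the analyst, and flags GRUB marker strings. The marker list, function names and sample bytes are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path
from typing import Optional

# Assumption (heuristic, not a signature from this page): GRUB boot code and
# its configuration references carry these ASCII strings.
GRUB_MARKERS = (b"GRUB", b"menu.lst", b"grub.cfg")


def inspect_loader(data: bytes, known_good_sha256: Optional[str] = None) -> dict:
    """Classify the bytes of a file found as ntldr in a volume root."""
    digest = hashlib.sha256(data).hexdigest()
    hits = [m.decode() for m in GRUB_MARKERS if m in data]
    if known_good_sha256 and digest == known_good_sha256.lower():
        verdict = "matches-baseline"        # byte-identical to trusted copy
    elif hits:
        verdict = "grub-markers-present"    # loader looks like GRUB
    elif known_good_sha256:
        verdict = "differs-from-baseline"   # changed, cause unknown
    else:
        verdict = "no-baseline"             # nothing to compare against
    return {"sha256": digest, "grub_markers": hits, "verdict": verdict}


def check_volume(root: str, known_good_sha256: Optional[str] = None) -> dict:
    """Locate ntldr (case-insensitive) in the root of a mounted volume."""
    for entry in Path(root).iterdir():
        if entry.is_file() and entry.name.lower() == "ntldr":
            return inspect_loader(entry.read_bytes(), known_good_sha256)
    return {"sha256": None, "grub_markers": [], "verdict": "ntldr-not-found"}


def demo() -> list:
    """Run the check on two constructed files (not real boot loaders)."""
    clean = b"\x00" * 64 + b"constructed stand-in for a trusted loader"
    swapped = b"\xeb\x3c\x90GRUB \x00Geom\x00Hard Disk\x00/boot/grub/menu.lst"
    baseline = hashlib.sha256(clean).hexdigest()
    verdicts = []
    for blob in (clean, swapped):
        with tempfile.TemporaryDirectory() as root:
            (Path(root) / "NTLDR").write_bytes(blob)
            verdicts.append(check_volume(root, baseline)["verdict"])
    return verdicts


if __name__ == "__main__":
    print(demo())
```

Take the baseline hash from a trusted copy of ntldr for the same Windows build, such as the original installation media, and run the check against the disk mounted from a separate clean system.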
Symptoms of a Trojan-Downloader.Win32.VB.aoff Trojan Infection
The worst part of a Trojan-Downloader.Win32.VB.aoff infection is that the Trojan is designed to be virtually undetectable. The main symptom of an infection is usually boot times that are longer than normal, which account for the time the downloaded malware takes to carry out the dangerous actions mentioned above. Trojan-Downloader.Win32.VB.aoff will attempt to deflect attention from this symptom by displaying a message claiming that Windows is actually 'removing malicious files' from the victim's hard drive.
File System Details
# | File Name | MD5 | Detections |
---|---|---|---|
1. | file.exe | a3e8e8153ee75d584c112bd0373f8c1e | 0 |
2. | 5.exe | 9c7f6100153538b8f511002b4912352c | 0 |

Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.