Threat Database Trojans Win32/Bamital.X

Win32/Bamital.X

Win32/Bamital.X is a Windows platform Trojan. Win32/Bamital.X is designed to redirect a victim's online search engine results to websites that contain adware. Win32/Bamital.X uses rootkit techniques to avoid detection and removal. When inside a machine, Win32/Bamital.X will remain connected to a remote hacker who will frequently update the list of websites that Win32/Bamital.X redirects victims' browsers to.

File System Details

Win32/Bamital.X may create the following file(s):
# File Name Detections
1. %system%\mshlps.dll
2. %system%\kbdsock.dll
3. %system%\info.tmp

Registry Details

Win32/Bamital.X may create the following registry entry or registry entries:
"AppSecDll" = "%system%\mshlps.dll"
"LoadAppInit_DLLs" = 1
Session Manager\AppCertDlls]
Windows]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\

Trending

Most Viewed

Loading...