Downloader-CBG

Downloader-CBG Description

Downloader-CBG is a Trojan downloader that may infect a compromised system with additional malware. Downloader-CBG may enter systems via unsolicited e-mails or drive-by downloads. Once inside a system, Downloader-CBG may download backdoor or spyware programs that put a victim's confidential information at risk of being stolen. Downloader-CBG may also modify the registry and create a start-up registry key.

Technical Information

File System Details

Downloader-CBG creates the following file(s):
#   File Name                              Detection Count
1   %Temp%\info_y8.exe                     N/A
2   %System%\Com\comadmine.dll             N/A
3   %System%\Servicx.exe                   N/A
4   %System%\tlntsvi_5033.exe              N/A
5   %DesktopDir%\Internet Explorer.lnk     N/A

Registry Details

Downloader-CBG creates the following registry entry or registry entries:
Registry Key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sanseex\Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Advanced INF Setup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sanseex]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sanseex\Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\open\Command]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sanseex]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\open]