Infostealer.Bankeiya Description
Type: Trojan
Infostealer.Bankeiya is an info-stealer Trojan that is used in attacks against Japanese computer users. It reroutes online traffic on the compromised PC and then attempts to steal information from particular websites.

Upon execution, Infostealer.Bankeiya creates a registry entry so that it loads automatically every time the PC user boots up Windows. It downloads configuration settings from a specific web address, saves them to a specific file, and then updates itself. It also sends the operating system (OS) version installed on the compromised PC to a specific location.

Infostealer.Bankeiya then controls Internet Explorer traffic for specific URLs linked to online banking websites. If one of these URLs is visited, Infostealer.Bankeiya shows a bogus login screen and records any credentials that are entered. The stolen credentials are then transmitted to the remote cybercrook.
File System Details
| # | File Name | Detection Count |
| 1 | %UserProfile%\Application Data\ini.ini | N/A |
More Details on Infostealer.Bankeiya
- Bttxs.com/getp.asp?MAC=&VER=[OS VERSION]
- Profile.hatena.ne.jp/ml[RANDOM NUMBER]
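The two URL patterns above can be turned into a proxy-log check. The following is an added example, not part of the original write-up: the log format (timestamp, client IP, URL separated by spaces), the sample lines, and the function and label names are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample proxy log: "<timestamp> <client-ip> <url>" (assumed format).
SAMPLE_LOG = """\
2000-01-01T09:12:44 10.0.0.21 http://bttxs.com/getp.asp?MAC=&VER=5.1
2000-01-01T09:12:50 10.0.0.21 http://Profile.hatena.ne.jp/ml48213
2000-01-01T09:13:02 10.0.0.35 http://profile.hatena.ne.jp/mlfan/
2000-01-01T09:13:10 10.0.0.35 http://example.com/getp.asp?MAC=&VER=5.1
""".splitlines()


def match_indicator(url):
    """Return a label if the URL matches one of the listed patterns, else None."""
    if "://" not in url:
        url = "http://" + url              # some logs omit the scheme
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()  # hostname is case-insensitive
    path = parts.path.lower()
    if host == "bttxs.com" and path == "/getp.asp":
        # keep_blank_values: the listed pattern has an empty MAC= parameter
        keys = {k.upper() for k in parse_qs(parts.query, keep_blank_values=True)}
        if {"MAC", "VER"} <= keys:
            return "bttxs-getp"
    # "[RANDOM NUMBER]" is read as one or more digits directly after "ml".
    if host == "profile.hatena.ne.jp" and re.fullmatch(r"/ml\d+/?", path):
        return "hatena-ml-profile"
    return None


def scan(lines):
    """Return (line number, client IP, label) for every matching log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 3:
            continue                       # skip malformed lines
        label = match_indicator(fields[2])
        if label:
            hits.append((number, fields[1], label))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Because profile.hatena.ne.jp is a public profile service, a match on the second pattern alone is weaker evidence than a match on both patterns from the same client.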