Infostealer.Banker.C

Infostealer.Banker.C Description

Infostealer.Banker.C is a Trojan horse with the ability to steal confidential data from a targeted computer. Infostealer.Banker.C may spread via infected e-mails purportedly from ABN-AMRO bank. Infostealer.Banker.C may gather banking details and send them to a remote attacker. Manual removal of Infostealer.Banker.C is not advised because of its stealth tactics and the risk of damage to essential system files.

Aliases

4 security vendors flagged this file as malicious.

Anti-Virus Software Detection
PWS-Zbot.gen.c
Win32/IRCBot.worm.variant
PWS:Win32/Zbot.gen!R
Trojan-Spy.Win32.Zbot.gen

Technical Information

File System Details

Infostealer.Banker.C creates the following file(s):