Trj/GdSda.A DescriptionType: Trojan
Trj/GdSda.A is a detection name that AV companies might use to refer to a Remote Access Trojan (RAT). The Trj/GdSda.A RAT is classified as a mid-tier threat that is employed in campaigns to steal user credentials for online banking portals and social media accounts. Trj/GdSda.A is what some cyber security researchers might call an info stealer Trojan. Modern-day threats are complex programs that are not easily classified as Trojans, worms, ransomware, and RATs. Threats like the Trj/GdSda.A include a keylogger module that can be used to record your keyboard (virtual keyboard included) input and clicks on online forms. The careful examination of Trj/GdSda.A revealed that an attacker could use the threat to scan the compromised computer for data and extract files over HTTP data transmission protocol. Trj/GdSda.A is reported to include the ability to copy user credentials saved in software like Mozilla Thunderbird, Skype, mIRC, XChat, FileZilla, Google Chrome, Mozilla Firefox, Opera and Internet Explorer.
Malware researchers alert that the Trj/GdSda.A Trojan is installed on computers utilizing physical access. That means that a threat actor needs direct access to the targeted computer. The payload of Trj/GdSda.A may be saved to a USB drive, which can be used to inject a corrupted code via the PlugNPlay technology on Windows. The Trj/GdSda.A Trojan might be registered as a system service to avoid AV scanners and monitor the user's activity. The threat may run from the Temp, AppData and System32 folders on the primary local disk. Trj/GdSda.A appears to support 64-bit and 32-bit operating systems, and it can run on the latest versions of Windows. It is recommended that you run a complete system scan with a reputable anti-malware solution if you suspect infection with Trj/GdSda.A. The symptoms of Trj/GdSda.A infection include program errors, inability to access folders under the AppData directory, processes with random names in the Task Manager and failure to log in your email client. AV companies may use the following names to identify code that belongs to Trj/GdSda.A:
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.