Trojan.Banker
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 23,101 |
| Threat Level: | 90 % (High) |
| Infected Computers: | 7,312 |
| First Seen: | July 24, 2009 |
| Last Seen: | January 6, 2026 |
| OS(es) Affected: | Windows |
Trojan.Banker is a constantly evolving type of threat that tries to collect banking information from its victims. Trojan.Banker contains most of the distinctive traits of high-level Trojans but may be way harder to detect and remove than most of them. The ways this cyber threat may compromise the security of its victims are standard. A significant part of the affected people admit that prior to the infection they had opened suspicious files sent via email or downloaded software from unverified sources. If you are careful when you conduct these two operations, the chances for Trojan.Banker to reach you should diminish greatly. However, if your PC is already infected with some other threat, this notorious Trojan may be downloaded automatically. Trojan.Banker works in the background so you may perceive no symptoms whatsoever about the upcoming danger. This parasite may monitor your online actions. Trojan.Banker has means to detect when you are on a banking site.
In case you make the mistake to type your login credentials while Trojan.Banker is there, the people that control Trojan.Banker may obtain this crucial data. It goes without saying that the results may be huge financial losses. All the intercepted information reaches the hackers through some machines that are used for the attack. They are called 'Command and Control ' servers. With their help, the culprits are able to communicate with their threats. They may send various instructions and execute different operations. It is possible Trojan.Banker to contribute to the download of additional cyber threats. Just like other banking Trojans, this threat may interfere with the Windows Registries, which makes Trojan.Banker quite a challenge to be deleted manually. If you have any suspicions that Trojan.Banker may be present, you should download a powerful anti-malware tool immediately.
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Antivirus Vendor | Detection |
|---|---|
| Kaspersky | Trojan-Banker.Win32.Agent.axd |
| AVG | PSW.Banker5.BEUT |
| Avast | Win32:Banker-GRX |
| Sophos | Sus/Behav-269 |
| McAfee | Generic PWS.y!coe |
| Kaspersky | Trojan-Banker.Win32.Banker.bbqq |
| ClamAV | BC.Heuristics.Rootkit.B-7.MV |
| eSafe | Win32.Spy.Banker.Prq |
| NOD32 | a variant of Win32/Spy.Banker.PRQ |
| McAfee | Artemis!E27E6549AD9C |
| McAfee | Artemis!EF1AAF78FB4E |
| Sophos | Mal/VB-BL |
| TrendMicro | TSPY_BANKER.OGS |
| Sunbelt | Trojan.Win32.Malware |
| NOD32 | Win32/Spy.Banker.AKGG |
SpyHunter Detects & Remove Trojan.Banker
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | taskWin.exe | 9b6bf5b960ebd4d8ebe92089d670fd4c | 3,099 |
| 2. | unp199856236.tmp | f8c0ba1568f1936e9861f1dfcc0b7bec | 307 |
| 3. | USB Vibration Joystick(07.exe | c16a3c32a5d0895fbaf3a76f0c264a45 | 92 |
| 4. | MacromediaFlesh.exe | 7eea4697ab8c6930138e5cbbce938e04 | 83 |
| 5. | dwin.exe | a5d003e7727e8c38cd847c778f2a8321 | 9 |
| 6. | nl2.exe | 85ccbc7dcf3eaf761d7a6c31aa8a2de1 | 7 |
| 7. | nl4.exe | 56dd7e2825a8f60db0966830bc936f76 | 7 |
| 8. | nl7.exe | 875209f1fcd5c214c92050eeab3215aa | 7 |
| 9. | csrss.exe | 39c1014fe02ec8984fa0fdfd18d93fe1 | 7 |
| 10. | servicesnb.exe | 690d7c1839ddb7c47a9a6b63a51c8b14 | 7 |
| 11. | nl3.exe | e53152dbb05761d56dc9adfad7fa9ee5 | 5 |
| 12. | netsvcs32.exe | 68ef39373a779cd6e9333a916a0cfffe | 5 |
| 13. | msobjut.exe | 6cc3760e6cb027ada2fa7e49feed7b48 | 4 |
| 14. | necomp.bin.exe | 90bba3b6d0a6daa31fc54137922214dc | 4 |
| 15. | AntiSansur.exe | 9491aa6af1e6b0383536d61f590819f8 | 1 |
| 16. | E63D9ACC.sys | e27e6549ad9c53de39541f6fc7625394 | 1 |
| 17. | ctfmon.exe | c7c7d11b94e13af0b34facef9207d625 | 1 |
| 18. | winnt4.exe | 4e5dc8cb901d5e33466d48f0a54849e8 | 0 |
| 19. | aecces.exe | 75f943c9778e3397aaedadff89c430bf | 0 |
| 20. | mediaplayer.exe | 7a25380e0e7489c2ffa53c99ad328aa8 | 0 |
| 21. | Yinnet00.exe | bf6ae02c41d732cc3542fcd7c9611a84 | 0 |
| 22. | services.exe | ee55496b41c6c850fe5fcbc2de21d73c | 0 |
| 23. | hostne.exe | 6a6c511058beea2c9b8580d5651a51d8 | 0 |
| 24. | sbfiv.exe | 96e3f05d645f5d9ed3be96490e54a0d3 | 0 |
| 25. | userviet.exe | 4ff5e64e5f53f8bb4a5b678640ee6016 | 0 |
| 26. | mydpla.exe | 85e6885b72cee06f34d8791afeb2fc90 | 0 |
| 27. | appconf32.exe | 030ee66e1d914bab33c82b9149008efc | 0 |
| 28. | 03ecc9db25eff7bda2864e0efb2c1bcc | 03ecc9db25eff7bda2864e0efb2c1bcc | 0 |
Registry Details
Directories
Trojan.Banker may create the following directory or directories:
| %APPDATA%\BLozhitheto KUachoundefinedu |
