TrojanDownloader:MSIL/Pstinb.E
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 1,585 |
Threat Level: | 90 % (High) |
Infected Computers: | 35,343 |
First Seen: | November 23, 2015 |
Last Seen: | February 14, 2023 |
OS(es) Affected: | Windows |
The Pstinb malware falls into the category of Trojan Downloaders and has several versions that may feature a slightly different code, but exhibit the same behavior. Cyber threats from the Pstinb subdivision of Trojan Downloaders connect to 'Command and Control' servers located on accounts on the Pastebin.com platform. The Pstinb Trojan Downloaders may be spread among users via spam mail campaigns and utilize the icon of ZIP, PNG, RAR and DOCX file types to invite users to launch the payload of Pstinb. Once the users attempt to open the disguised executable of TrojanDownloader:MSIL/Pstinb.E the Trojan installs its files in the Temp folder of Windows and creates a task in the Windows Task Scheduler to be run at the next system boot up.
As stated before, the TrojanDownloader:MSIL/Pstinb.E malware uses port 80 to connect to a predefined account on Pastebin.com, inform its operators of a successful infiltration and await instructs. Additionally, the TrojanDownloader:MSIL/Pstinb.E malware may compile a report on your computer configuration, browsing history, IP address, and ISP and send it o its operators. The Pstinb malware is a Trojan Downloader and might download and install malware such as Phase Bot and Rustock CV that may allow third parties to run, close, install and modify programs on your computer remotely. Another possibility that TrojanDownloader:MSIL/Pstinb.E opens to its operators is that it may install cryptomalware like Alpha Crypt and BandarChor, and you may lose your files for good and up to a thousand dollars in Bitcoins. Paste.bin is deemed as a trusted domain and the threatening activities of TrojanDownloader:MSIL/Pstinb.E may be hard to detect by most AV vendors. Responsible computer users should install a reputable anti-malware solution to prevent the infiltration of the Pstinb malware.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.