The Pstinb malware falls into the category of Trojan Downloaders and has several versions that may feature slightly different code but exhibit the same behavior. Cyber threats from the Pstinb subdivision of Trojan Downloaders connect to 'Command and Control' servers located on accounts on the Pastebin.com platform. The Pstinb Trojan Downloaders may be spread among users via spam mail campaigns and use the icons of ZIP, PNG, RAR and DOCX file types to entice users into launching the Pstinb payload. Once a user attempts to open the disguised executable of TrojanDownloader:MSIL/Pstinb.E, the Trojan installs its files in the Temp folder of Windows and creates a task in the Windows Task Scheduler to be run at the next system boot.
As stated before, the TrojanDownloader:MSIL/Pstinb.E malware connects to a predefined account on Pastebin.com; it does so over port 80 to inform its operators of a successful infiltration and await instructions. Additionally, the TrojanDownloader:MSIL/Pstinb.E malware may compile a report on your computer configuration, browsing history, IP address, and ISP and send it to its operators. The Pstinb malware is a Trojan Downloader and might download and install malware such as Phase Bot and Rustock CV that may allow third parties to run, close, install and modify programs on your computer remotely. Another possibility that TrojanDownloader:MSIL/Pstinb.E opens to its operators is the installation of cryptomalware like Alpha Crypt and BandarChor, in which case you may lose your files for good and up to a thousand dollars in Bitcoins. Pastebin.com is deemed a trusted domain, so the threatening activities of TrojanDownloader:MSIL/Pstinb.E may be hard for most AV vendors to detect. Responsible computer users should install a reputable anti-malware solution to prevent the infiltration of the Pstinb malware.
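The persistence described above (files dropped in the Temp folder and a scheduled task that runs at boot) can be swept for on a suspect machine. The following is an added example, not part of the original article or of any vendor tool: it reads Task Scheduler XML exports (for instance from `schtasks /query /xml`) and flags boot-triggered tasks whose action runs from a Temp directory. The task names and XML samples are constructed, and the Temp path patterns are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Namespace used by Task Scheduler XML exports.
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}
# Path fragments treated as "the Temp folder of Windows" (assumption for this example).
TEMP_RE = re.compile(r"(%te?mp%|\\appdata\\local\\temp\\|\\windows\\temp\\)", re.I)

def boot_tasks_running_from_temp(task_xml_by_name):
    """Return sorted names of tasks that have a boot trigger and an Exec
    action whose command or arguments point into a Temp directory."""
    hits = []
    for name, xml_text in task_xml_by_name.items():
        try:
            root = ET.fromstring(xml_text)
        except ET.ParseError:
            continue  # skip damaged exports rather than abort the sweep
        if root.find("t:Triggers/t:BootTrigger", NS) is None:
            continue  # the article describes a task run at system boot
        for exec_el in root.findall("t:Actions/t:Exec", NS):
            cmd = exec_el.findtext("t:Command", "", NS)
            args = exec_el.findtext("t:Arguments", "", NS)
            # Arguments are checked too, so "cmd.exe /c %TEMP%\x.bat" is caught.
            if TEMP_RE.search(cmd + " " + args):
                hits.append(name)
                break
    return sorted(hits)

def _task(trigger, command, arguments=""):
    """Build a minimal task definition (constructed sample, not real malware data)."""
    return (f'<Task xmlns="{NS["t"]}"><Triggers><{trigger}/></Triggers>'
            f'<Actions><Exec><Command>{command}</Command>'
            f'<Arguments>{arguments}</Arguments></Exec></Actions></Task>')

# Constructed sample exports keyed by hypothetical task names.
SAMPLE_TASKS = {
    "Updater": _task("BootTrigger", r"C:\Users\alice\AppData\Local\Temp\svc.exe"),
    "BackupAgent": _task("BootTrigger", r"C:\Program Files\Backup\agent.exe"),
    "CmdWrapper": _task("BootTrigger", r"C:\Windows\System32\cmd.exe",
                        r"/c %TEMP%\run.bat"),
    "LogonCleanup": _task("LogonTrigger", r"%TEMP%\clean.cmd"),
    "Broken": "<Task",
}

if __name__ == "__main__":
    for task_name in boot_tasks_running_from_temp(SAMPLE_TASKS):
        print("review scheduled task:", task_name)
```

A hit is a lead for review rather than proof of infection, since some legitimate installers also schedule work from Temp.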