Threat Database Trojan Downloader TrojanDownloader:Win32/Kanav.F

TrojanDownloader:Win32/Kanav.F

By Sumo3000 in Trojan Downloader

Threat Scorecard

Ranking: 7,276
Threat Level: 10 % (Normal)
Infected Computers: 161
First Seen: February 6, 2013
Last Seen: August 25, 2023
OS(es) Affected: Windows

TrojanDownloader:Win32/Kanav.F is a Trojan that drops and runs other malware infections on the corrupted PC. TrojanDownloader:Win32/Kanav.F also deletes a registry entry, if it is found, that's related to online gaming. When installed, TrojanDownloader:Win32/Kanav.F makes system changes by adding malevolent files. TrojanDownloader:Win32/Kanav.F creates the registry entry so that it can launch its copy automatically whenever Windows is started. TrojanDownloader:Win32/Kanav.F queries certain websites, which may return an encrypted string. When decrypted, the string tells TrojanDownloader:Win32/Kanav.F where to drop and run other files. TrojanDownloader:Win32/Kanav.F deletes gaming settings. TrojanDownloader:Win32/Kanav.F also deletes the registry entry, if the victim has it in the PC. TrojanDownloader:Win32/Kanav.F steals information about the affected computer system, which it transfers to 'exeinfo1.org'.

File System Details

TrojanDownloader:Win32/Kanav.F may create the following file(s):
# File Name Detections
1. %ProgramFiles%\Common Files\Apple\Mobile Device Support\apple.exe

Registry Details

TrojanDownloader:Win32/Kanav.F may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Blizzard Entertainment\Battle.net\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\[RANDOM CLSID] "stubpath" = "%ProgramFiles%\Common Files\Apple\Mobile Device Support\apple.exe

Trending

Most Viewed

Loading...