Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Guntor

Trojan.Guntor

By ZulaZuza in Trojans

Threat Scorecard

Popularity Rank: 9,853
Threat Level: 90 % (High)
Infected Computers: 3,265
First Seen: August 15, 2013
Last Seen: November 28, 2025
OS(es) Affected: Windows

Trojan.Guntor is a Trojan that can harm data and even the whole targeted computer system. Trojan.Guntor may reduce the affected PC's security and stability. Trojan.Guntor may also decrease the PC's performance. Trojan.Guntor may violate the victim's privacy and security. Trojan.Guntor may collect personal information on the corrupted PC and tramsmit it to a remote attacker. Trojan.Guntor permits cybercriminals to obtain full remote access and control over the attacked PC. Trojan.Guntor enters the victimized computer without the target PC user's permission and knowledge. Trojan.Guntor masquerades as a legitimate program and thus, fools computer users into downloading and installing it. Trojan.Guntor can be unintentionally downloaded from infected websites.

Analysis Report

General information

Family Name: Trojan.IRCBot.D
Signature status: No Signature

Known Samples

MD5: d24ccfd643b36e964d7c790d66f48a38
SHA1: b75b22844740f0e2363e97155ee9a04aa9cb15e4
SHA256: AC0AFFD561B3BCFFA73B605243E4E941AD9A91D0EF23E45AD06A6577835E08E6
File Size: 10.24 KB, 10240 bytes
MD5: a2c368389aae9825ca1b626a501a8004
SHA1: 6cea8eeeb447c6f8485a54f226b790c81bf6bd5b
SHA256: 40C098DE4F415CD378F22D414474D50C7E1DD5A9799419FC50F231BF9354BD02
File Size: 1.10 MB, 1100288 bytes
MD5: f84c7f84e8e6efb60e51659338c06ef9
SHA1: bb9dd97d4e8c2df4c8028f50798930cbd517b81b
SHA256: 521C00E5621AC288727F3078553DDB0610DDEF270AE4E39141EDA29266D66D48
File Size: 12.80 KB, 12800 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Company Name RJCOM
File Description Telephone Billing System
File Version 4.0.2.0
Product Version 3.02
Programmer Ramlan H

File Traits

  • HighEntropy
  • No Version Info
  • x86

Block Information

Total Blocks: 4
Potentially Malicious Blocks: 2
Whitelisted Blocks: 2
Unknown Blocks: 0

Visual Map

0 x x 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • IRCBot.D

Files Modified

File Attributes
c:\users\user\appdata\local\temp\ ¥§x.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥§~.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥¥’.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥§.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §§.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §¥".¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §"¥.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §9¥.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §æ¥¬.¢¬ Generic Write,Read Attributes

Trending

Most Viewed

Loading...