Threat Database Trojans TrojanDownloader:Win32/Dowfeld.A


By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 155
First Seen: October 26, 2015
Last Seen: February 11, 2023
OS(es) Affected: Windows

The Dowfeld trojan falls in the category of trojan downloaders and is similar to Nemucod and Lacam The TrojanDownloader:Win32/Dowfeld malware may be used by hackers to install other malicious software on compromised systems and TrojanDownloader:Win32/Dowfeld may arrive on your PC as an attached file to spam emails. The TrojanDownloader:Win32/Dowfeld may insert a Mutex in the Windows Registry of infected systems to prevent other instances of itself from running on the same PC. The TrojanDownloader:Win32/Dowfeld malware is designed to connect to dummy domains like that are registered by its operators and may download and install other cyber threats. The TrojanDownloader:Win32/Dowfeld malware uses port 80 for its communications in HTTP format and might limit the Internet bandwidth of infected users. Additionally, the TrojanDownloader:Win32/Dowfeld malware can execute simple commands like finding your PC's location, collecting information regarding your software and hardware configuration and validating digital signatures. The TrojanDownloader:Win32/Dowfeld malware may place a corrupted LNK file in your system's startup folder to avoid security scans and run every time you turn on your computer. The Dowfeld trojan may be used to install keyloggers like Zeus Keylogger and Golden Keylogger to collect your online banking credentials and logins for social media. That type of information fetches a good price on underground cybercrime forums, and the Dowfeld trojan should not be underestimated. Computer users that suspect infiltration of the Dowfeld trojan should check if their Windows Firewall is turned on from the 'Control Panel' and install a trusted anti-malware solution to eradicate the TrojanDownloader:Win32/Dowfeld malware.

Related Posts


Most Viewed