Troj/Zbot-CCH

By ZulaZuza in Trojans

Threat Scorecard

Ranking: 7,531
Threat Level: 90% (High)
Infected Computers: 1,290
First Seen: June 26, 2012
Last Seen: September 13, 2023
OS(es) Affected: Windows

Troj/Zbot-CCH is a dangerous Trojan in the Zbot or Zeus family and is among the most common malware included in spam campaigns. The role of the Troj/Zbot-CCH Trojan in a malware attack is to establish a backdoor into the victim's computer system and to download a Remote Access Tool (RAT) that allows criminals to control the infected computer system from a remote location. The Troj/Zbot-CCH Trojan may also have keylogger capabilities and components designed to steal financial information and sensitive data such as online passwords and credit card numbers. Like most Trojans from the Trojan.Zbot or Zeus Trojan family, Troj/Zbot-CCH cannot spread on its own and relies on other malware or on social engineering to infect a computer system.

Troj/Zbot-CCH and Spam Email Campaigns

Spam email messages are among the most common ways in which criminals spread malware such as the Troj/Zbot-CCH Trojan. ESG security researchers have found a widespread outbreak of the Troj/Zbot-CCH Trojan associated with a recent spam email campaign. This spam email campaign tries to convince victims that it contains an email attachment with compromising photos of the victim or of the victim's girlfriend. To do this, most of the messages associated with this campaign either use threatening language, blackmailing the victim with the supposed compromising photographs, or attempt to make the victim think that the photos in question have been leaked.

All messages in this spam email campaign share the same file attachment, a ZIP file that is named 'Photos'. However, opening this ZIP file will actually install Troj/Zbot-CCH itself or a downloader Trojan which will then contact a remote server to download and install Troj/Zbot-CCH and other malware threats onto the victim's computer system. In some cases, actual nude photos may be shown in order to distract the victim while the installation of Troj/Zbot-CCH or other malware occurs in the background.

What You Can Do to Protect Yourself from Troj/Zbot-CCH

The best things you can do to protect your computer system from a Troj/Zbot-CCH infection include using reliable security software and common sense when going online. Most malware infections can be prevented by following basic online safety guidelines such as never opening unsolicited email attachments, staying away from websites considered unsafe (such as pornographic websites and file sharing web pages) and always keeping your security software fully up to date.

Aliases

11 security vendors flagged this file as malicious.

| Anti-Virus Software | Detection |
|---|---|
| Fortinet | W32/Zbot.ACM!tr |
| Ikarus | Trojan.Win32.Ransom |
| AhnLab-V3 | Trojan/Win32.Birele |
| Sophos | Troj/Zbot-CCH |
| McAfee-GW-Edition | Artemis!B4E77546C5A7 |
| DrWeb | BackDoor.Andromeda.22 |
| BitDefender | Trojan.Generic.KDV.658377 |
| Kaspersky | Trojan.Win32.Jorik.Androm.qi |
| Symantec | Downloader.Dromedan |
| F-Prot | W32/Trojan2.NRTE |
| McAfee | Generic.dx!b2u4 |

File System Details

Troj/Zbot-CCH may create the following file(s):

| # | File Name | MD5 | Detections |
|---|---|---|---|
| 1. | IMG4898.exe | b4e77546c5a762987fafe289e401aa57 | 0 |
| 2. | Photo-12.zip | 0fcd721f02143fd8f9ca5c4a2ccadde5 | 0 |
| 3. | file.exe | f24446bf2bb69ff8bcb377c0cbf6a955 | 0 |
