Threat Encyclopedia

TROJ_SWIZZOR

Publish date: October 09, 2012

ALIASES:

C2Lop, Lop

PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:

  • Threat Type:Trojan

  • Destructiveness:No

  • Encrypted:

  • In the wild: Yes

OVERVIEW

Infection Channel:

Downloaded from the Internet


SWIZZOR malware arrive as files downloaded from the Internet. Variants of SWIZZOR were detected as early as 2004.

SWIZZOR is a family of Trojans used to download other malware files. It does this by redirecting browser traffic to malicious advertisement pages, which host other malware.

TECHNICAL DETAILS

Memory Resident:

Yes

Payload:

Connects to URLs/IPs, Displays graphics/image

Adware Routine

This Trojan connects to the following URLs to download and display ads:

  • {BLOCKED}s.{BLOCKED}59-195.com
  • {BLOCKED}s.{BLOCKED}s-local.com

Featured Stories

Connect with us on