Trojan.HTML.PHISH.TIAOOHTR

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Este malware no tiene ninguna rutina de propagación.

Este malware no tiene ninguna rutina de puerta trasera.

Detalles de entrada

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Propagación

Este malware no tiene ninguna rutina de propagación.

Rutina de puerta trasera

Este malware no tiene ninguna rutina de puerta trasera.

Otros detalles

Hace lo siguiente:

• Sends the gathered informaton via POST method to a webhosted malicious file detected as Trojan.PHP.PHISH.CNQ
• Connects to the following website(s) to get images and logos of legitimate companies:
  • http://www.dhl.com/img/favicon.gif
  • http://www.dhl.com/img/modules/5_1_dhl_global_locator_all_340_187.gif
  • http://www.dhl.com/img/meta/dhl_logo.gif
  • http://mimg.126.net/logo/126logo.gif
  • http://p.ebaystatic.com/aw/pics/logos/logoEbay_x45.gif
  • http://img3.cache.netease.com/www/logo/logo_png.png
  • https://www.google.com/images/logos/mail_logo.png
  • https://secure.wlxrs.com/~Live.SiteContent.ID/~16.0.2/~/~/~/~/images/WindowsLive.png
  • http://mimg.yeah.net/logo/yeahlogo_middle.gif
  • http://l.yimg.com/a/i/ww/met/yahoo_logo_us_061509.png