Troj/Pushdo-Gen


Troj/Pushdo-Gen is a family of Trojans for the Windows platform.

When members of Troj/Pushdo-Gen are installed, they drop and run a further file in memory, usually detected as Troj/Pushu-Gen or Mal/Basine-C. This may then drop further files, including some of the following:

<Windows>\system32\drivers\ip6fw.sys
<Windows>\system32\drivers\netdtect.sys
<System>\drivers\runtime.sys
<System>\drivers\secdrv.sys

These files are used to provide stealthing for the Trojan.

The dropped file in memory will also often attempt to inject further code into Internet Explorer.
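Because the dropped drivers are there to hide the Trojan, a listing taken on the running system may not show them; the following added example (not part of the original entry) checks the Windows directory of an offline, read-only mounted disk image for the four driver paths above. It assumes `<Windows>` is the Windows directory and `<System>` is its `system32` subdirectory; the function names are hypothetical, and since a file name alone does not identify the Trojan, each hit carries size, hash and timestamp for comparison against known-good copies.

```python
import hashlib
import os
from datetime import datetime, timezone

# Driver paths listed in the entry. Assumption: <Windows> is the Windows
# directory and <System> is its system32 subdirectory.
PUSHDO_DRIVERS = [
    "system32/drivers/ip6fw.sys",
    "system32/drivers/netdtect.sys",
    "system32/drivers/runtime.sys",
    "system32/drivers/secdrv.sys",
]

def resolve_nocase(root, relpath):
    """Walk relpath under root, matching each component case-insensitively
    (NTFS ignores case, a Linux mount of the image may not)."""
    current = root
    for part in relpath.split("/"):
        try:
            names = os.listdir(current)
        except OSError:
            return None  # directory missing or unreadable
        match = next((n for n in names if n.lower() == part.lower()), None)
        if match is None:
            return None
        current = os.path.join(current, match)
    return current

def find_pushdo_drivers(windows_dir):
    """Return one triage record per listed driver found under windows_dir."""
    hits = []
    for rel in PUSHDO_DRIVERS:
        path = resolve_nocase(windows_dir, rel)
        if path is None or not os.path.isfile(path):
            continue
        with open(path, "rb") as fh:
            digest = hashlib.sha256(fh.read()).hexdigest()
        st = os.stat(path)
        modified = datetime.fromtimestamp(st.st_mtime, timezone.utc)
        hits.append({"listed_as": rel, "path": path, "size": st.st_size,
                     "sha256": digest, "modified_utc": modified.isoformat()})
    return hits

if __name__ == "__main__":
    import sys
    # Usage: python check_drivers.py /mnt/image/WINDOWS  (mount point is an example)
    for hit in find_pushdo_drivers(sys.argv[1]):
        print(hit)
```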


About this Entry

This page contains a single entry by AV Secure published on December 30, 2008 11:01 AM.
