It also harvests some system information and sends it via email to the attacker. Part of the code includes setting up an Ammyy Admin, a remote desktop software that malware developers use maliciously to gain control of people’s computers. When the user double-clicks the infected shortcut, they end up running the infected target, and more malicious code is downloaded. Once it finds one, it downloads a malicious executable file, then changes the target of the shortcut it found to point at the malicious file. This includes Chrome, Firefox, Internet Explorer, Opera, and Skype. Once the macro activates, the malware looks for specific shortcuts on the desktop. Image of infected document from Trend Micro.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |