Win32/Spy.Agent.NYU [Threat Name] go to Threat

Win32/Spy.Agent.NYU [Threat Variant Name]

Category trojan
Size 238592 B
Detection created Apr 03, 2012
Detection database version 8525
Aliases Backdoor.Win32.NetWiredRC.i (Kaspersky)
  Backdoor:Win32/NetWiredRC.B (Microsoft)
Short description

The trojan serves as a backdoor. It can be controlled remotely.

Installation

When executed, the trojan copies itself into the following location:

  • %appdata%\­xilicons.exe

The trojan creates the following file:

  • %startup%\­xilicons.lnk

The file is a shortcut to a malicious file.


This causes the trojan to be executed on every system start.

Information stealing

Win32/Spy.Agent.NYU is a trojan that steals sensitive information.


The trojan collects the following information:

  • login user names for certain applications/services
  • login passwords for certain applications/services
  • web browser history

The following programs are affected:

  • Chrome
  • Chromium
  • Internet Explorer
  • Microsoft Outlook
  • Mozilla Firefox
  • Opera
  • Pidgin
  • SeaMonkey
  • Thunderbird
  • Windows Live

The following information is collected:

  • user name
  • computer name
  • operating system version
  • memory status
  • list of computer users

The trojan can send the information to a remote machine.

Other information

The trojan acquires data and commands from a remote computer or the Internet.


The trojan contains a URL address. The TCP, HTTP protocol is used.


It can execute the following operations:

  • log keystrokes
  • watch the user's screen content
  • capture screenshots
  • download files from a remote computer and/or the Internet
  • send files to a remote computer
  • run executable files
  • execute shell commands
  • update itself to a newer version
  • send the list of running processes to a remote computer
  • terminate running processes
  • send the list of disk devices and their type to a remote computer
  • send the list of files on a specific drive to a remote computer
  • move files
  • delete files
  • create folders
  • simulate user's input (clicks, taps)
  • capture webcam video/voice

Please enable Javascript to ensure correct displaying of this content and refresh this page.