Trojan

  • 10 January 2019
Trojans are generally installed without a user’s full, meaningful, and informed consent. A Trojan differs from most malware in that its payload (or behavior) can potentially be controlled from a remote site.

Trojan Dropper: A file that contains at least one additional, malicious file. For a file to be a Trojan Dropper and not solely a “dropper”, its payload must comprise multiple, unrelated spies (multiple, unrelated spies indicate that this is a custom, affiliate installer). A Trojan Dropper may be an executable that contains multiple files. When the Trojan Dropper executes, the files inside the .exe are installed. A Trojan Dropper may also be a .chm (Windows Help File). Since a .chm is really a proprietary Windows compressed archive format, it may contain multiple, malicious bundles, which the Trojan Dropper installs when the user executes the .chm file.

Trojan Downloader: After installation, the Trojan contacts a remote host/site and installs packages or affiliates from the remote host. These installs usually occur without the user’s knowledge. Additionally, a Trojan Downloader’s payload may differ from installation to installation since it obtains downloading instructions from the remote host/site.

Trojan Backdoor: After a Trojan Backdoor installs itself, it contacts or listens to a remote site/computer. A Trojan Backdoor may receive instructions from, or pass information to, a remote site/computer. Generally, it opens a port, allowing the machine on which the Trojan Backdoor is running to be further compromised.

Trojan Bot: A Trojan bot is a compromised system that can be controlled (via hard-wired instructions or remotely) as one of many bots that can perform activities such as:

  • Participating in DDoS attacks
  • Sending spam
  • Transferring sensitive information on command

Trojan Phisher: A Trojan Phisher may sit on an infected computer waiting for a specific web page to be visited, or may scan the infected machine looking for user names and passwords for bank sites, auction sites or online payment sites.

Trojan Relayer: A Trojan Relayer is an application whose primary function is to relay spam messages from the infected computer.

Below are some of the known trojan variants:

