Trojan Downloader Nenim Deletes Components to Prevent Analysis

Experts from Microsoft's Malware Protection Center have studied the threat

By on April 15th, 2013 18:01 GMT

Researchers from Microsoft’s Malware Protection Center have analyzed a clever Trojan downloader dubbed TrojanDownloader:Win32/Nemim.gen!A.

Once it infects a computer, the downloader retrieves two component files: Virus:Win32/Nemim.gen!A and PWS:Win32/Nemim.A.

The first component is a file infector that’s designed to infect executable files from removable drives, while the second component is a password stealer that can harvest passwords for email accounts set up in the system, Live Messenger, Google Talk, Google Desktop and Google Notifier.

Once these two components achieve their goals, the downloader will delete them in a manner that makes them unrecoverable. This way, the cybercriminals can make sure researchers can’t analyze their creation.

Microsoft experts advise users whose computers have been infected with this piece of malware to change all their passwords since it’s likely that they’ve been stolen by the malicious element.
Microsoft Malware Protection Center experts analyze Trojan Downloader Nenim
   Microsoft Malware Protection Center experts analyze Trojan Downloader Nenim
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments