Trojan:Win32/Mediyes.B is the DLL component of the Mediyes family, a multi-component family that steals account information for online payment systems.
Trojan:Win32/Mediyes.B may be dropped and installed in the system by other members of the Mediyes family. Trojan:Win32/Mediyes.B is injected into browser processes such as the following:
Connects to a remote server
Trojan:Win32/Mediyes.B may connect to a remote server to perform the following actions:
- get configuration file
- notify the server of a successful installation
- get additional information
Analysis by Elda Dimakiling
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.