When run, TrojanDownloader:Win32/Obvod.M copies itself to c:\documents and settings\all users\application data\rdn7o5qq.exe.
The malware creates the following files on your PC:
Contacts remote host
TrojanDownloader:Win32/Obvod.M can contact a remote host at 18.104.22.168 using port 80. Commonly, malware does this to:
- Report a new infection to its author
- Receive configuration or other data
- Download and run files (including updates or additional malware)
- Receive instruction from a remote attacker
- Upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 3e8d466956f15628a6bbda68b07274749f0f9b19.