TrojanDownloader:Win32/Drstwex.A is a trojan that connects to a remote server to download and execute arbitrary files. This trojan may be installed by other malware.
Downloads arbitrary files
In the wild, this trojan has been observed attempting to connect to the following IP addresses using TCP port 8000:
If a connection is successfully established, TrojanDownloader:Win32/Drstwex.A downloads an arbitrary file and saves it into the Temporary folder of the Windows computer. Afterwards, it executes the downloaded file and consequently installs it in the affected computer.
At the time of writing, no connection could be successfully established with the remote servers for further analysis. However, these domains have been known to host installers for rogue security software in the past, so it is possible that a rogue could be downloaded into the affected computer.
Analysis by Gilou Tenebro
Alert notifications or detections of this malware from installed antivirus or security software may be the only other symptoms.