Published Jan 05, 2011 | Updated Sep 15, 2017

Trojan:Win32/Bohu.A!Installer

Severe | Detected with Windows Defender Antivirus

Aliases: Trojan.Win32.Goriadu.ael (Kaspersky), Win32/AntiAV.NGZ (ESET), Trojan.Win32.AntiCloudAV.n (Rising AV), Mal/Emogen-Y (Sophos), TROJ_GORIADU.SMC (Trend Micro)

Summary

Trojan:Win32/Bohu.A!Installer writes random data to the end of the files it drops, which changes their hashes and so avoids detection based on those hashes.
 
It installs an NDIS intermediate miniport driver and a Windows Sockets service provider interface (SPI) to filter network access. It does this to prevent client programs from uploading data to a remote server.
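
The random data written to the end of dropped files can be neutralised on the analysis side by hashing only the bytes the PE section table accounts for. The following is an added example, not part of the original entry: the function names are hypothetical and the sample bytes are a constructed, non-executable PE-shaped buffer.

```python
import hashlib
import os
import struct

def pe_image_end(data: bytes) -> int:
    """File offset where the last section's raw data ends; bytes past it are overlay."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size           # section table follows the optional header
    end = table + 40 * num_sections            # the headers always belong to the image
    for i in range(num_sections):
        # SizeOfRawData and PointerToRawData sit at offsets 16 and 20 of each 40-byte entry
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return min(end, len(data))

def overlay_size(data: bytes) -> int:
    return len(data) - pe_image_end(data)

def full_hash(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def image_hash(data: bytes) -> str:
    """SHA-256 over headers and sections only, ignoring appended bytes."""
    return hashlib.sha256(data[:pe_image_end(data)]).hexdigest()

def build_sample(overlay: bytes = b"") -> bytes:
    """Constructed, non-executable PE-shaped test input with one 64-byte section."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0)
    sect = struct.pack("<8sIIII16x", b".text", 0x40, 0x1000, 0x40, 0x80)
    return dos + coff + sect + b"A" * 0x40 + overlay

if __name__ == "__main__":
    a = build_sample(os.urandom(32))   # two "drops" differing only in the random tail
    b = build_sample(os.urandom(48))
    print("full hashes equal: ", full_hash(a) == full_hash(b))
    print("image hashes equal:", image_hash(a) == image_hash(b))
    print("overlay bytes:", overlay_size(a), overlay_size(b))
```

Overlay data is not suspicious by itself: Authenticode signatures and many installers legitimately store data past the last section, so the overlay size is best treated as one triage signal alongside the normalised hash.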

 
