is a member of Win32/Banload
- a family of trojans that downloads other malware. Banload is usually used to download and install members of the Win32/Banker and Win32/Bancos families onto affected computers. Win32/Banker and Win32/Bancos are trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.
creates the following files on an affected computer:
Contacts remote host
TrojanDownloader:Win32/Banload.ACO may contact a remote host at www.contagotas.com.br using port 80. Commonly, malware may contact a remote host for the following purposes:
- To report a new infection to its author
- To receive configuration or other data
- To download and execute arbitrary files (including updates or additional malware)
- To receive instruction from a remote attacker
- To upload data taken from the affected computer
This malware description was produced and published using our automated analysis system's examination of file SHA1 0115bb489b9d22cef684f13613dfe9f72693b8ac.