The vundo trojan is usually a dll with a random name located in system32 directory. The length of the file name is usually 5 to 7 characters (depending on the...
Category - E-Threats
Trojan.Vundo, it works with random named files in
Adware:Win32/Advantage Adware.SaveNow.origin ADSPY/Whenu.T Win32:Whenu
The virus starts by decryipting a part of its code in order to resolve its imports.
Virus.Win32.Downloader.ax; W32.Mumawow.Y!inf; W32/Mypis.gen1; W32/Downloader.E
This is a disguised application under a common media file extension meant to trick the user to download and execute a piece of malware.
The original malware file is packed with FSG packer. After unpacking it does an interesting trick to avoid being detected by H.I.P.S systems or any other...