



Trojan-Spy:W32/Papras.gen!A

Name: Trojan-Spy:W32/Papras.gen!A
Detection Names: Backdoor.Win32.Papras.t
Aliases: Backdoor.Trojan (Symantec), TrojanSpy:Win32/Ursnif.gen!I (Microsoft)
Category: Malware
Type: Trojan-Spy
Platform: W32

Summary

A trojan that secretly installs spy programs, such as keyloggers.

Additional Details

Trojan-Spy:W32/Papras.gen!A is the Generic Detection for a program that steals sensitive information, particularly details relating to online banking accounts.

The program has been observed to create the following files:

  •  %internetcache%\desktop.ini
  •  %localsettings%\History\desktop.ini
  •  %cookies%\index.dat 

It also reads from the memory of rundll32.exe processes.

Closely related malware include:




About Generic Detections

Unlike signature or single-file detections, a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file is potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds, of malicious programs.

For more information about Generic Detections, see the Generic Detection description.