Selected viruses, spyware, and other threats: sorted alphabetically
Short descriptionWin32/McRat.A is a trojan which tries to download other malware from the Internet.
InstallationWhen executed, the trojan creates the following files:
- %userprofile%%service%.dll (31744 B)
The trojan registers itself as a system service using the following filename:
In order to be executed on every system start, the trojan sets the following Registry entries:
"StubPath" = "%filepath%"
"ServiceDll" = "%userprofile%%service%.dll"
Information stealingThe trojan collects the following information:
- operating system version
- CPU information
- computer name
- user name
The trojan contains a list of (1) URLs. The HTTP protocol is used.
Other informationThe trojan is sent data and commands from a remote computer or the Internet. The HTTP protocol is used.
It can execute the following operations:
- download files from a remote computer and/or Internet
- run executable files
The trojan may set the following Registry entries:
- [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion
"%service%" = "%service%"
"%service%" = "rundll32.exe "%profile%%service%.dll", Launch"