Global sites
SolutionsProductsPurchaseDownloadPartnersSupportCompanyThreat Center
Threat CenterEset Online scannerESET SysInspectorThreatSense® ThreatSense.Net® Security TipsThreat LevelThreat Dictionary
Threat Encyclopaedia
Update infoVirus Radar on your Website
Antivirus Software NOD32 > Threat Center > Threat Encyclopaedia > T

Threat Encyclopaedia

Print this pageSend

Win32/TrojanDownloader.Delf.ZEB

Aliases:Trojan-Downloader.Win32.Delf.zeb (Kaspersky), Trojan:Win32/Sisron (Microsoft), Downloader.Delf.DQP (AVG) 
Type of infiltration:Trojan  
Size:381440 B 
Affected platforms:Microsoft Windows 
Signature database version:4904 (20100301) 

Short description

Win32/TrojanDownloader.Delf.ZEB is a trojan which tries to download other malware from the Internet.

Installation

The trojan does not create any copies of itself.

Other information

The trojan contains an URL address. It tries to download a file from the address.

The file is stored in the following location:
  • c:\windows\system32\regedi.exe
The HTTP protocol is used.

The following Registry entry is set:
  • [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
    Run]
    "kuras" = "c:\Windows\system32\kuras.exe"