Trojan.Win32.Harvso.A - TELUS Security Labs

Research

Vulnerability Research
Malware Research

Home >> Research>> Trojan.Win32.Harvso.A

Trojan.Win32.Harvso.A

TSL ID

TSL20120426-05

Severity

Moderate

Description

Trojan.Win32.Harvso.A is a Trojan that targets Windows platform. This malware attempts to steal credentials and other data stored by Firefox, Thunderbird, and Opera Web browser. Moreover, it searches for Word and Excel documents on the infected computer and sends all stolen files in a ZIP file to a remote attacker.

Affected Products

Microsoft Windows All Versions

File Hashes

MD5:

85D1C27D1EF9DB9530C9F37DA6CC5A27

SHA1:

33615EC882FD262B11DBE0D1772ED3309B532C95

Identifiers

Kaspersky		TROJAN-SPY.WIN32.SPYEYES.QPE
Microsoft Malware Protection Center		TROJAN:WIN32/HARVSO.A
DrWeb		TROJAN.PWS.STEALER.786
ESET		WIN32/DATASTEALER.D
Fortinet		W32/KRYPTIK.SHU!TR

References

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3aWin32%2fHarvso.A
http://www.securelist.com/en/descriptions/32750706/Trojan-Spy.Win32.SpyEyes.qpe

Related Threats