Bird_banner_small4
Trojan.MSIL.Dotdo.AR
TSL ID TSL20170213-03
Severity Moderate
Description

Trojan.MSIL.Dotdo.AR is a Trojan that targets the Windows platform. This malware attempts to install itself by using the Windows Task Scheduler. Therefore, the malware will be executed periodically as well as when the user logs into the system. Taking screenshots of the desktop is the primary purpose of this malware, and in conjunction with the Task Scheduler, it is able to periodically take screenshots and send them to a remote controller.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 5B24110EAFBE5376388F9FF9AA864D4F
SHA1:
  • 1A783B9B0D58F8373DC03242B21E6E4B967A5629
Identifiers
Kaspersky
  • HEUR:ADWARE.MSIL.DOTDO.GEN
McAfee
  • PUP-FMH
Panda
  • TRJ/GDSDA.A
Arcabit
  • TROJAN.BARYS.DD837
AVG
  • DOWNLOADER.BDYB
BitDefender
  • GEN:VARIANT.BARYS.55351
Comodo
  • TROJWARE.MSIL.DOTDO.R
DrWeb
  • ADWARE.DOTDO.133
ESET-NOD32
  • MSIL/ADWARE.DOTDO.AC
Ikarus
  • MSIL.DOTDO
Qihoo-360
  • HEUR/QVM03.0.0000.MALWARE.GEN
References http://www.virusradar.com/en/MSIL_Adware.Dotdo.AC/description
Related Threats TSL20160419-07 - Trojan.Win32.Naibe.A