Bird_banner_small4
Trojan.Win32.Poritprog.A
TSL ID TSL20170314-27
Severity Moderate
Description

Trojan.Win32.Poritprog.A is a Trojan that targets the Windows platform. This malware deletes user credentials of web browsers such as Google Chrome, Mozilla Firefox, Internet Explorer and Opera, captures keystrokes/mouse events on the infected system, steals clipboard data, identifies itself to a remote server and accepts various commands. The supported commands would allow to take screenshots, download/execute a file, update itself, and more. Moreover, it may create a Run key Registry entry to survive system reboots.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 017226B096C4E27D9C343EBC5CBA179D
SHA1:
  • 154AFDCCD0D5F47D40CABC7696753964CFEF864D
Identifiers
McAfee
  • GENERIC.ARP
Sophos
  • MAL/KEYLOG-A
Symantec
  • TROJAN.GEN.2
TrendMicro
AegisLab
  • VIRUS.KEYLOGGER.GEN!C
AVG
  • WIN32/DH{IY17GMU?}
Avira
  • TR/SPY.AGENT.QHWOI
BitDefender
  • GENERIC.KEYLOGGER.2.E5CC5E0D
Comodo
  • TROJWARE.WIN32.AGENT.~OTK
Cyren
  • W32/TROJAN.PVUK-4408
ESET
  • WIN32/SPY.AGENT.OTK
Fortinet
  • W32/AGENT.A!TR.SPY
Invincea
  • VIRUS.WIN32.SLUGIN.A!DLL
NANO-Antivirus
  • TROJAN.WIN32.AGENT.EKYSYB
Rising
  • SPYWARE.AGENT!8.C6
Tencent
  • WIN32.TROJAN.GENERIC.DAW
ViRobot
  • TROJAN.WIN32.Z.AGENT.33792.PH
Yandex
  • TROJANSPY.AGENT!B/4EEG2KXP0
Related Threats