Bird_banner_small4
Trojan.MSIL.Bcex.aoxp
TSL ID TSL20170711-04
Severity Moderate
Description

Trojan.MSIL.Bcex.aoxp is a Trojan that targets Windows platform. This malware spreads in the wild using a Microsoft Word document containing malicious VBA Macro code. It is capable to steal system information, Keyboard inputs, system clipboard content, credentials of selected installed software. It is also capable to take screenshots and send image files from victim's webcam. Furthermore, it creates a Load key Registry entry in order to achieve persistence.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • EF234F23724DC00E693BDB1B1218C1E8
SHA1:
  • 27F0CA2BF23ACA5BF4C737480038F23C7EEA5B96
Identifiers
Kaspersky
  • TROJAN.WIN32.BCEX.AOXP
McAfee
  • PACKED-LW!EF234F23724D
Microsoft Malware Protection Center
TrendMicro
AhnLab-V3
  • TROJAN/WIN32.INJECTOR.C2019678
Antiy-AVL
  • TROJAN/WIN32.BCEX
Arcabit
  • TROJAN.RAZY.D2C7E8
Avira
  • TR/DROPPER.MSIL.AVIZY
BitDefender
  • GEN:VARIANT.RAZY.182248
CAT-QuickHeal
  • TROJAN.BCEX
Cyren
  • W32/TROJAN.WPJG-8466
DrWeb
  • TROJAN.MULDROP7.26290
ESET-NOD32
  • MSIL/INJECTOR.SHY
Fortinet
  • MSIL/GENERIC.AP.EA826!TR
Jiangmin
  • TROJAN.BCEX.AAQ
Malwarebytes
  • SPYWARE.IMMINENT
NANO-Antivirus
  • TROJAN.WIN32.RAZY.EPYJGC
Rising
  • TROJAN.INJECTOR!8.C4
Tencent
  • WIN32.TROJAN.FAKEDOC.AUTO
VBA32
  • TSCOPE.TROJAN.MSIL
Yandex
  • TROJAN.BCEX!
Zillya
  • TROJAN.BCEX.WIN32.1058
References https://blog.fortinet.com/2017/06/28/in-depth-analysis-of-net-malware-javaupdtr
Related Threats