Trojan-Downloader.Win32.OnionDog.B
TSL ID TSL20170809-05
Severity Moderate
Description

Trojan-Downloader.Win32.OnionDog.B is a Trickler that targets the Windows platform. The malware communicates with a remote server, then downloads and executes malicious code on the infected system. It can also create a service so that it starts again after the system reboots.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 90B36BD4D12F34D556F363D6E5F9564F
SHA1:
  • 6597E64B033676C6C4171D0771BE56E9F689AA28
Identifiers
Kaspersky
  • TROJAN.WIN32.ONIONDOG.B
McAfee
  • GENERICR-EDI!90B36BD4D12F
Symantec
  • W32.WONIORE
TrendMicro
AegisLab
  • TROJ.DROPPER.W32.AGENT!C
AhnLab
  • TROJAN/WIN32.HWDOOR.R160988
ALYac
  • TROJAN.AGENT.39213.H
Antiy-AVL
  • TROJAN/WIN32.BTSGENERIC
Arcabit
  • TROJAN.GENERIC.DE516EE
Avira
  • TR/DYNAMER.WBRL
BitDefender
  • DROPPED:TROJAN.GENERIC.15013614
CAT-QuickHeal
  • DOWNLOADER.AGENT.10366
Cyren
  • W32/HEURISTIC-KPP!ELDORADO
DrWeb
  • TROJAN.DOWNLOADER15.22630
ESET
  • WIN32/TROJANDOWNLOADER.AGENT.CGY
Fortinet
  • W32/ONIONDOG.2AD4!TR
Ikarus
  • TROJAN.SEFNIT
NANO-Antivirus
  • TROJAN.WIN32.ONIONDOG.EAKWZK
Qihoo-360
  • WIN32/TROJAN.DROPPER.FFA
ViRobot
  • TROJAN.WIN32.AGENT.572928.E
Yandex
  • TROJAN.DR.AGENT!FWWUC1KAF2Y
Zillya
  • DROPPER.AGENT.WIN32.208647
References
  • http://blog.trendmicro.com/trendlabs-security-intelligence/oniondog-not-targeted-attack-cyber-drill/
  • https://www.alienvault.com/blogs/security-essentials/oniondog-an-example-of-a-regional-targeted-attack