Bird_banner_small4
Trojan.MSIL.ExcarosBot.A
TSL ID TSL20171107-06
Severity High
Description

Trojan.MSIL.ExcarosBot.A is a Bot agent that targets the Windows platform. This malware disables Windows Defender, contacts its control server and accepts various commands. The supported commands would allow to start/stop a HTTP/UDP flood attack against provided target, download a binary, update itself and more. Moreover, the malware creates scheduled tasks to achieve persistence on the infected machine.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • A96DAE7F7FFA0A548F1472003D6CE864
SHA1:
  • 9DF51649AE03F209726A2A285C6BFFF886B3C7A1
Identifiers
McAfee
  • RDN/GENERIC.CF
TrendMicro
AegisLab
  • TROJ.SPY.GEN!C
Arcabit
  • TROJAN.GENERIC.D5C64F6
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9980
BitDefender
  • TROJAN.GENERICKD.6055158
Cybereason
  • MALICIOUS.1B8FB7
Cyren
  • W32/TROJAN.FLPZ-1377
ESET-NOD32
  • MSIL/AGENT.BDB
Fortinet
  • MSIL/AGENT.BDB!TR
NANO-Antivirus
  • TROJAN.WIN32.GENERICKD.ETEQMR
Tencent
  • WIN32.TROJAN.SPY.LNEJ
Yandex
  • TROJAN.AGENT!VOCJURJFOXS
Zillya
  • TROJAN.AGENT.WIN32.839454
References http://www.virusradar.com/en/MSIL_Agent.BDB/description
Related Threats