Bird_banner_small4
Trojan.MSIL.NapoleonCry.A
TSL ID TSL20171129-03
Severity Moderate
Description

Trojan.MSIL.NapoleonCry.A is a Trojan that targets the Windows platform. This malware uses the HTTP protocol to send user information to a remote controller. The user information is embedded into the HTTP User-Agent header. This malware accepts commands from the controller, including download/execute, run/download a script, and uninstall the malware. The malware adds a task to the Windows Task Scheduler to periodically launch the application.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 25D8C8123E3F55237A90EFE95F927C7F
SHA1:
  • 9158C6E75260B72F4C1B71FA7585300C96E9A8CB
Identifiers
Kaspersky
  • TROJAN-DROPPER.WIN32.AGENT.BJTMPO
TrendMicro
Arcabit
  • TROJAN.RAZY.D366B2
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9787
BitDefender
  • GEN:VARIANT.RAZY.222898
Cybereason
  • MALICIOUS.75260B
Fortinet
  • W32/AGENT.BJTMPO!TR
Jiangmin
  • TROJANDROPPER.AGENT.CIBD
Qihoo-360
  • WIN32/TROJAN.DROPPER.840
Related Threats