Trojan.JS.MANAGEX.A


This MANAGEX variant is modular adware that, installed as a browser extension, is able to gather important information.


This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.


It connects to certain websites to send and receive information. However, as of this writing, the said sites are inaccessible.





File Size: 687,512 bytes




File Type: JS




Memory Resident: No




Initial Samples Received Date: 18 Sep 2019




Arrival Details


This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.


Installation


This Trojan drops the following files:


  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\images\chromium.svg

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\images\shadow.png

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\background.html

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\background.js → contains malicious script

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\config.json → contains configuration settings

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory}\manifest.json → contains extension details

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory} est.js

  • %AppDataLocal%\Google Chrome\Chromium\User data\Default\Extensions\{Extension Installation Directory} r.js

(Note: %AppDataLocal% is the Local Application Data folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Application Data on Windows 2000 (32-bit), XP, and Server 2003 (32-bit), or C:\Users\{user name}\AppData\Local on Windows Vista, 7, 8, 8.1, 2008 (64-bit), 2012 (64-bit) and 10 (64-bit).)
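A triage check built from the drop list above, as an added example that is not part of the original write-up: it walks a browser profile's Extensions directory and reports any extension folder that holds manifest.json together with config.json, images/chromium.svg and images/shadow.png. The function name and the choice of these marker files are assumptions; a match is a lead for manual review of the extension, not a verdict.

```python
import json
import sys
from pathlib import Path

# Relative paths from the drop list on this page. Using this subset as the
# match criterion is an assumption of the example, not a vendor signature.
MARKERS = ("config.json", "images/chromium.svg", "images/shadow.png")


def find_suspect_extensions(extensions_root):
    """Return one dict per directory that has manifest.json plus every marker file."""
    hits = []
    root = Path(extensions_root)
    if not root.is_dir():
        return hits
    # Chromium-based browsers store extensions as Extensions/<id>/<version>/,
    # so search recursively instead of assuming a fixed depth.
    for manifest in sorted(root.rglob("manifest.json")):
        ext_dir = manifest.parent
        if not all((ext_dir / marker).is_file() for marker in MARKERS):
            continue
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            meta = {}  # unreadable or malformed manifest: still report the directory
        if not isinstance(meta, dict):
            meta = {}
        hits.append({
            "path": str(ext_dir),
            "name": meta.get("name", "<unreadable manifest>"),
            "version": meta.get("version", "?"),
            # Top-level scripts are listed so the analyst knows what to read first.
            "scripts": sorted(p.name for p in ext_dir.glob("*.js")),
        })
    return hits


if __name__ == "__main__":
    # Usage: python find_ext.py "<path to ...\User data\Default\Extensions>"
    for hit in find_suspect_extensions(sys.argv[1]):
        print(f"{hit['path']}  name={hit['name']!r}  version={hit['version']}  "
              f"scripts={hit['scripts']}")
```
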


Information Theft


This Trojan gathers the following data:


  • OS Version

  • Chrome Details
  • ID

  • Version

  • Language

  • Bro ..
