This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects Trojan.Eupuds network activity.
When the Trojan is executed, it creates the following file:
%UserProfile%\Application Data\[RANDOM CHARACTERS].exe
Next, the Trojan creates the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"[RANDOM CHARACTERS].exe" = "%UserProfile%\Application Data\[RANDOM CHARACTERS].exe"
The Trojan then monitors the following Web browsers to intercept and modify Web traffic:
Next, the Trojan steals account information for the following websites:
The Trojan then sends this information to the following remote locations: