BlackEnergy

This page shows details and results of our analysis of the BlackEnergy malware.

Overview

This variant of the BlackEnergy trojan drops various malware components that are hidden by a rootkit, and it can install various plugins to execute payloads.


Minimum DAT: 5914 (2010-03-08)
Updated DAT: 5914 (2010-03-08)
Minimum Engine: 5.4.00
File Length: N/A
Description Added: 2010-03-08
Description Modified: 2010-03-08

Malware Proliferation

Characteristics

Symptoms

- Presence of file and registry values mentioned above
- Increase in internet traffic

Method of Infection

Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include spam emails, IRC, P2P networks, newsgroup postings, etc.

Removal

All Users:
Use specified engine and DAT files for detection and removal.

Additional Windows ME/XP removal considerations

Variants