Troj/Agent-LWB is a Trojan for the Windows platform.
Troj/Agent-LWB includes functionality to:
- copy iteslf to the <WINDOWS> folder
- run automatically
- access the internet and communicate with a remote server via HTTP
Troj/Agent-LWB communicates via HTTP with the following locations:
91 . 213 . 94 . 131
When Troj/Agent-LWB is installed it copies itself to <Windows>\essledv.exe.
Registry entries are created under:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ttool
<Windows>\essldev.exe