Troj/Bancos-BC is a password stealing Trojan for the Windows platform that targets customers of Brazilian banks.
Once executed Troj/Bancos-BC displays a fake error message, copies itself to the root and to the Arquivos de programas folder on the C drive with the filename IExplorer.exe, and in order to be able to run automatically when Windows starts up sets the registry entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\
IExplorer
C:\Arquivos de programas\IExplorer.EXE
Troj/Bancos-BC monitors an user's internet access, and when certain internet banking sites are visited, the Trojan will display a fake login screen in order to trick the user into inputting their details.
Troj/Bancos-BC also creates an appstart32.inf data file in the Windows inf folder.