Troj/Bancos-KG is an internet banking Trojan for the Windows platform.
Troj/Bancos-KG has the functionalities to:
- display fake screens
- steal information
- communicate with a remote server via email
When run, Troj/Bancos-KG copies itself to <Windows>\charmmpxp.exe and creates the file
<Windows>\ieupdate.dat. The file ieupdate.dat can be deleted safely.
When run, Troj/Bancos-KG sets the following registry entry:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Mapa de caracteres para NT
<Windows>\charmmpxp.exe