Troj/CashGrab-D is a Trojan for the Windows platform.
When Troj/CashGrab-D is installed some of the the following folders and non-malicious files are created:
<Current Folder>\sui.dll
<Current Folder>\svact\004.act
<Current Folder>\svskn\004.sns
<Current Folder>\wint.ini
<System>\ierror.rep
<System>\wint.ini
<System>\winte.html
<System>\svact\004.act
<System>\svskn\004.sns
<System>\tmpsender.cnt
Troj/CashGrab-D is registered as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:
HKCR\CLSID\(3A4E6FF3-BF59-446E-9DC8-731BCE2F349A)
HKCR\svchost.Update\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\(3A4E6FF3-BF59-446E-9DC8-731BCE2F349A)
Troj/CashGrab-D monitors internet browser windows for certain banking URLs, attempting to steal information if it finds them.