Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Downloader

Trojan-Downloader.Shell.Miner.f

Update Date
01/09/2024

Class: Trojan-Downloader

Programs classified as Trojan-Downloader download and install new versions of malicious programs, including Trojans and AdWare, on victim computers. Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up. Information about the names and locations of the programs which are downloaded are in the Trojan code, or are downloaded by the Trojan from an Internet resource (usually a web page). This type of malicious program is frequently used in the initial infection of visitors to websites which contain exploits.

Read more

Platform:

No platform description

Family: RiskTool.JS.Miner

No family description

Examples

9506E15BA032F96F7637CA1154934E61
C2E9FCB046D5A8CE851C742D5DA82B6A
843D7D11C0F7F4C66B317DF493D6D8A6
04999EF09D3768443FB43D4A29269E11
95CA4DA29F33DBDE556C6130900FA5FF

Tactics and Techniques: Mitre*

TA0007
Discovery

Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


T1083
File and Directory Discovery

Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


T1087.001
Local Account

Adversaries may attempt to get a listing of local system accounts. This information can help adversaries determine which local accounts exist on a system to aid in follow-on behavior.


T1497.003
Time Based Evasion

Adversaries may employ various time-based methods to detect and avoid virtualization and analysis environments. This may include enumerating time-based properties, such as uptime or the system clock, as well as the use of timers or other triggers to avoid a virtual machine environment (VME) or sandbox, specifically those that are automated or only operate for a limited amount of time.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
25 June 2025
Securelist
AI and collaboration tools: how cyberattackers are targeting SMBs in 2025
23 June 2025
Securelist
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
11 June 2025
Securelist
Toxic trend: Another malware threat targets DeepSeek
09 June 2025
Securelist
Sleep with one eye open: how Librarian Ghouls steal data by night
06 June 2025
Securelist
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
05 June 2025
Securelist
IT threat evolution in Q1 2025. Non-mobile statistics
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.