This malware deactivates anti-virus software, intercepts the user’s system data, downloads other malware via the Internet and runs it, and also spoofs URLs via the host file: for example, user requests are redirected to a malicious website or the user’s attempts to access a legitimate website are blocked.
Geographical distribution of attacks by the Trojan-Downloader.Win32.Geral family
Geographical distribution of attacks during the period from 20 November 2014 to 20 November 2015
Top 10 countries with most attacked users (% of total attacks)
* Percentage among all unique Kaspersky users worldwide who were attacked by this malware