Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Dropper Win32

Trojan-Dropper.Win32.Dapato.saox

Update Date
10/22/2024

Class: Trojan-Dropper

Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers. This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.). Such programs are used by hackers to: secretly install Trojan programs and/or viruses protect known malicious programs from being detected by antivirus solutions; not all antivirus programs are capable of scanning all the components inside this type of Trojans.

Read more

Platform: Win32

Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.

Family: Trojan-Dropper.Win32.Dapato

No family description

Examples

A2ABEAD64AD78DFF643A975F7D451B16

Tactics and Techniques: Mitre*

TA0007
Discovery

Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Administrator or otherwise elevated access may provide better process details. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


T1057
Process Discovery

Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Administrator or otherwise elevated access may provide better process details. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
10 March 2025
Securelist
SideWinder targets the maritime and nuclear sectors with an updated toolset
06 March 2025
Securelist
Trojans disguised as AI: Cybercriminals exploit DeepSeek’s popularity
05 March 2025
Securelist
Undercover miner: how YouTubers get pressed into distributing SilentCryptoMiner as a restriction bypass tool
03 March 2025
Securelist
Mobile malware evolution in 2024
28 February 2025
Securelist
The SOC files: Chasing the web shell
26 February 2025
Securelist
Exploits and vulnerabilities in Q4 2024
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.