27674580919
Signal
Signal
Security
Malware
Viruses
Ransomware
Threats
Security Tips
Internet
Scams
Phishing
IoT
AVG News
Business
See all Security articles
Privacy
Browser
VPN
IP Address
Hackers
Passwords
Social Media
Privacy Tips
See all Privacy articles
Performance
Cleaning
Speed
Gaming
Hardware
Performance Tips
See all Performance articles
English
English
Español
Deutsch
Français
Nederlands
Italiano
Português
AVG Signal Blog Security Malware Analysis of Banking Trojan Vawtrak

Malware

Analysis of Banking Trojan Vawtrak

Vawtrak, Neverquest, or Snifula are different names of the same banking Trojan that has been spreading in recent months. It infects victims via malware downloaders (e.g. Zemot, Chaintor), exploit kits, or through drive-by downloads (e.g. spam email attachments or links).

Analysis_of_Banking_Trojan_Vawtrak-Hero
Written by AVG Signal Team
Published on April 2, 2015

Our analysis has shown that once it has infected a system, Vawtrak gains access to bank accounts visited by the victim. Furthermore, Vawtrak uses the infamous Pony module for stealing a wide range of login credentials, such as passwords stored in browsers, FTP clients, private keys, or stored within remote-desktop settings.

As we will discuss in this technical report, Vawtrak is a sophisticated piece of malware in terms of supported features (creating VNC and SOCKS servers, screenshot and video capturing, usage of steganography, etc.) and its extensibility with regular updates of available command and control (C&C) servers, Vawtrak executable, and web-inject frameworks.

Vawtrak infections, based on our statistics, are most prevalent on devices in the Czech Republic, USA, UK, and Germany this year.

In the following text, we describe Vawtrak from two perspectives – (1) Vawtrak's infection vector and (2) description of its features and internals. This report will mainly focus on the analysis of the features and internals.

Read the full report here

AVG protects you and your family against online threats in today's digital world. Get global-trusted security for all your devices with AVG AntiVirus FREE for PC, and also for your mobile phone with AVG AntiVirus for Android.

Prevent yourself from being harmed and learn some useful tips on website safety. If you’ve already been infected, read our guide on how to remove a virus from your computer.
DESKTOP
AVG

Get Free Threat Protection

Download AVG AntiVirus FREE for PC to remove viruses, block malware, and prevent threats.

Free download

Get it for Android, iOS, Mac

AVG

Get Free Threat Protection

Download AVG AntiVirus FREE for Mac to remove viruses, block malware, and prevent threats.

Free download

Get it for iOS, Android, PC

AVG

Get Free Threat Protection

Install free AVG AntiVirus for Android to remove viruses, block malware, and prevent threats.

Free install

Get it for PC, Mac, iOS

AVG

Get Free Threat Protection

Install free AVG Mobile Security for iOS to prevent security threats. Enjoy 24/7 protection for your iPhone or iPad.

Free install

Get it for Mac, PC , Android

Latest security articles

Malware And Virus Statistics 2024: The Trends You Need to Know About

How to Scan and Remove Malware on Mac

What Is Spyware?

What Is Adware and How to Get Rid of It?

What Is a Smurf Attack and How to Prevent It

What’s the Difference Between Malware and Viruses

What Is Malware? The Ultimate Guide to Malware

Microsoft Defender vs. Full-Scale Antivirus

What Is Scareware? Telltale Signs & How to Remove It

What Is a Logic Bomb Virus and How to Prevent It

How to Detect and Remove Spyware from Your iPhone

How to Remove Spyware from a Mac

Protect your Android against threats with AVG AntiVirus

Free install

Protect your iPhone against threats with AVG Mobile Security

Free install
Malware
Security
AVG Signal Team
2-04-2015