Trojan:W32/Black.A: What you Need to Know

May 20, 2009
by Indre
read more articles by Indre What's your opinion?

You thought that it would never happen to you, but it happened! Unfortunately, now your computer has

been poisoned by the Packed.Win32.Black.a. infection. Be aware of the fact that this computer threat includes files which are packed with a stolen version of the Themida software protection program. So remember the characteristics of this trojan in order to protect your computer from harm.

Here are a few significant technical details on Trojan:W32/Black.A:

Name: Trojan:W32/Black.A
Detection Names: Packed.Win32.Black.a
Category: Malware
Type: Trojan
Platform: W32

As the program causes potential security doubts, it is difficult to place Trojan:W32/Black.A under any other group than malware. It has been discovered that stolen portion of this program is used to camouflage the malware portion. Identifying a file that has been packed with a stolen portion of Themida is the way to fight against this infection.

Take a look at this list of alias names for Trojan:W32/Black.A.

Trojan Horse

Trojan.Crypt!IK

TR/PCK.Black.A.3515

W32/Heuristic-210!Eldorado

Win32/Themida

Trojan.Packed.64742

Trojan.Packed.650

Win32.Packed.Black.A

W32/Heuristic-210!Eldorado

Trojan.Crypt

Trojan/Black.a

W32/Black.A

Packed.Win32.Black.a

Trojan.Packed.64742

GW-Edition Trojan.PCK.Black.A.3515

Generic!Artemis

New Malware.jn

Packed.Win32.Black.a

Mal/Generic-A

Trj/CI.A

Packed.Win32.Black.a

Table 1.The list of alias names

All users need to be attentive as the Trojan is protected with Themida so as to prevent the sample from being reverse-engineered. The Themida protection is actually being used by the threat to obscure manual threat research (for instance the sample would run unsuccessfully on a Virtual Machine).

To conclude, bear in mind that you can also find clean files that have been packed with the stolen version of Themida. If you come across a reliable file that is from a legitimate source and it has been identified as Packed.Win32.Black.a, you may choose to use the file by excluding it from real-time scanning. In addition, it is advisable to test distrustful files with different antiviruses.

Resources:
The alias list of the trojan
Defining Trojan:W32/Black.A
Review on the threat

Comments

No comments posted yet.

State your case

Please type 5-digit security code below:
	Name
	Mail (will not be published)
	Website

LATEST ARTICLES

Don’t Be Fooled By The Alpha Antivirus
Trojan Problem: Generic DX
Watch out for the Win32 Heur Trojan!
Computer System Invasion: frmwrk32.exe
Worm:W32/Mabezat.B. Is a Potential Danger to your Computer!

Software Applications Forum

Who knows where to download XRumer 5.0 Palladium?
Tool

LATEST COMMENTS

Even It Was Suave To Me

Jan 31, 2010

Has bring about an attractive locate in the direction of fans of... more

Watch Out For The Win32 Heur Trojan!

Jan 15, 2010

My computer got infected from this virus through a website called wtso.net.... more

Ubuntu

Jan 02, 2010

That's right this version is improved. Even the partition manager is much... more

Spyware

Jan 02, 2010

Hello,Yes, possible. As spyware is very secret. Sometimes your browser may... more

Info On ME

Jan 02, 2010

I agree windows ME creates all types of crashes and I hate it. It has... more

Spyware

Jan 02, 2010

Let's say you're getting a lot of bounced back mail and e-mails are being... more
more comments »