This indicates that the target server failed to decrypt the ticket provided by the client. The target name used was cifs/domain.local. The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server candc1$. It also supports password stealing from the other browsers. Vawtrak supports three major browsers to operate in – Internet Explorer, Firefox, and Chrome.
Steals passwords, digital certificates, browser history, and cookies.Hooks standard API functions, injects itself into new processes.Communicates with remote C&C servers – executes commands from a remote server, sends stolen information, downloads new versions of itself and web-injection frameworks.Some of the common tasks it performs are: Trojan.VawTrak is a virus you definitely want to get rid of as it is designed to steal online banking information.
