x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Banker.CAB

Threat LevelHigh threatDamageSevereDistributionNot widespread
Common name:Banker.CAB
Technical name:Trj/Banker.CAB
Threat level:Medium
Alias:TR/Spy.Banker.ahy.2209, PSW.Banker.TVW, Trojan.Banker.Delf.A2B9A822, Win32/Bancos.784099!PWS!Trojan, Logger.Banker.ahy, Trojan-Spy.Win32.Banker.ahy, Spy/Bnkmr , Win32/Spy.Banbra.DT trojan, W32/Banker.NUH, Troj/Bnkmr-Fam, PWSteal.Bancos
Type:Trojan
Effects:  

It monitors if the user accesses websites belonging to certain banking entities, in order to obtain passwords. Then, the gathered information is sent to several email addresses.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Feb. 6, 2006
Detection updated on:Nov. 30, 2006
StatisticsNo
Proactive protection:
Yes, using TruPrevent Technologies

Brief Description 

    

Banker.CAB is a password stealer type Trojan that monitors if the user accesses websites belonging to certain banking entities, in order to obtain passwords. Then, it sends the data it has gathered to certain email addresses.

The banking entities from which Banker.CAB attempts to obtain information are: Banco do Brasil, Bradesco, Caixa Economica Federal, HSBC Bank Brasil, Itau and Unibanco.

Banker.CAB does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

Visible Symptoms 

    

Banker.CAB can be recognized, as it reaches the computer in a file with an Internet Explorer icon.

Additionally, once Banker.CAB has affected the computer and the email with the gathered data has been sent, the following window is displayed:



This false window indicates that there has been an error in Internet Explorer and it will be ended.