x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Banker.MHC

Threat LevelLow threatDamageHighDistributionNot widespread
Common name:Banker.MHC
Technical name:Trj/Banker.MHC
Threat level:Medium
Alias:Trojan-Banker.Win32.Banker.awom,
Type:Trojan
Effects:  

It is designed to steal users' banking details belonging to a certain Brazilian banking entity. It reaches the computer in a phishing message which seems to have been sent by such banking entity.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:June 14, 2010
Detection updated on:June 17, 2010
StatisticsNo

Brief Description 

    

Banker.MHC is a Trojan designed to steal users' banking details belonging to a certain Brazilian banking entity. In order to do so, it passes itself off as an update of program of such banking entity designed to improve security measures when making Internet banking operations.

Banker.MHC reaches the computer in an email message (phishing) which seems to have been sent by such Brazilian banking entity.

Visible Symptoms 

    

Banker.MHC is easy to recognize, as it reaches the computer in a phishing message that seems to have been sent by certain Brazilian banking entity. This message contains a link from which a program is downloaded to improve the security when accessing the banking entity through the Internet.

If users follow the link, a file with the icon of the affected bank is downloaded.

When this file is run, a program which seems to belong to the banking entity is displayed:

Interface of the fake program