Banker.CAB is a password stealer type Trojan that monitors if the user accesses websites belonging to certain banking entities, in order to obtain passwords. Then, it sends the data it has gathered to certain email addresses.
The banking entities from which Banker.CAB attempts to obtain information are: Banco do Brasil, Bradesco, Caixa Economica Federal, HSBC Bank Brasil, Itau and Unibanco.
Banker.CAB does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.