Banker.CTD is a password stealer type Trojan that monitors if the user accesses websites belonging to certain banking entities, in order to obtain passwords. Then, it sends the data it has gathered to a certain email address.
The banking entities from which Banker.CTD attempts to obtain information are: AMOR, Banking, Bradesco, NetBanking, Santander and Sudameris.
Banker.CTD does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.