SkimerWC trojan infects ATM machine that are designed for Russian and Ukraine banks. The Trojan's main payload is incorporated into a dynamic-link library stored in the NTFS streams, Once the ATM's OS is infected, malware starts monitoring Encrypted Pin Pad (EPP) keystrokes waiting for a specific input combination that can initiate the execution of a command entered by a attackers via EPP. This can be possible only if attackers possess a special master card.
| dff7ee95100ffaec5848a73a7b306eaaee94ae691dfccff9fe6ce0a8f3b82c56 | Backdoor.Win32.SkimerWC.a | Download |
| e267fb3044c31256f06dd712c7aeae97ad148fd3157995a7e536e5473c1a2bc0 | Backdoor.Win32.SkimerWC.a | Download |
| e78e6155b8dfd206ba5a5e7253409891bfed1b943d217e0fbc416a25fa761580 | Backdoor.Win32.SkimerWC.a | Download |