Banetmex.A is a Trojan that sends phishing messages in order to obtain the passwords and the access keys of the user. In order to send the phishing, it uses the email addresses that it has obtained from the affected computer.

Additionally, on the one hand, it steals confidential information about certain mexican banking entities, redirecting users that visit them to a malicious website that imitates the original one, so that the users enter their banking data.

On the other, it downloads the backdoor detected as Sdbot.LQZ from a certain website. The variants belonging to this family are usually designed to prevent certain security programs from being run and control the affected computer remotely.


Banetmex.A does not spread automatically by its own means.

Technical details can be found at this Panda Software page.