Home / malware Trojan.Downloader.Wimad.D
First posted on 21 November 2011.
Source: BitDefenderAliases :
There are no other names known for Trojan.Downloader.Wimad.D.
Explanation :
This is a disguised application under a common media file extension meant to trick the users into accessing different web pages. Because of the common misconception that malware or viruses are found only in executables, the user could be lead to trust this strategy and install the downloaded threat without their knowledge.
This application is an exploit for Windows Media Player files. This feature is to open a webpage when the file playing ends. So, this way other files can be downloaded. They can also be used as adware.
The accessed webpage looks like: http://www.[hidden]sx.com from where the user is redirected to an adult webpage and from where he can download an update to the "media file". The update (detected as: Trojan.Downloader.Wimad.F ) is exploiting a media file in the same way, which then redirects to another adult webpage.
It is unable to replicate by itself, or to infect other files. It relies on websites, or file sharing applications to spread.Last update 21 November 2011
