SecurityHome.eu Trojan:JS/Alescurf.C

Home / malware PDF

Trojan:JS/Alescurf.C

First posted on 31 January 2012.
Source: Microsoft
Aliases :
Trojan:JS/Alescurf.C is also known as Trojan.JS.WPress.A (BitDefender), Troj/JSRedir-EQ (Sophos).
Explanation :
Trojan:JS/Alescurf.C is a encrypted JavaScript trojan, which is injected into HTML files. It redirects the user to a certain webpage.

Top

Trojan:JS/Alescurf.C is a encrypted JavaScript trojan, which is injected into HTML files.

If the browser visits a webpage infected with Trojan:JS/Alescurf.C, it is redirected to a webpage in a remote server that may have malicious content. In the wild, it is known to redirect to the IP address91.<removed>.216.64.

It collects the following information about the computer and passes them on to the remote server:

Color depth

Screen width and height

Character set

Location

User agent

Analysis by Daniel Chipiristeanu

Last update 31 January 2012

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:JS/Alescurf.C
Trojan:JS/Alescurf.D