Home / malwarePDF  

TrojanDownloader:BAT/Lnkget.Y


First posted on 03 February 2010.
Source: SecurityHome

Aliases :

There are no other names known for TrojanDownloader:BAT/Lnkget.Y.

Explanation :

TrojanDownloader:BAT/Lnkget.Y is a detection of a malicious Windows Shortcut file that downloads and executes malware from a remote server.
Top

TrojanDownloader:BAT/Lnkget.Y is a detection of a malicious Windows Shortcut file that downloads and executes malware from a remote server. InstallationTrojanDownloader:BAT/Lnkget.Y may arrive on a user's computer as an attachment to an e-mail. PayloadTrojanDownloader:BAT/Lnkget.Y drops and executes a batch file named "mm.bat" under the Windows directory. The dropped batch file downloads a VBScript file, which is saved as "%windir%\y.vbs", from the remote server tftft.net over TFTP (Trivial File Transfer Protocol). The downloaded file is then executed. Note: At the time of publishing, the file on the remote sever was not available.

Analysis by Shawn Wang

Last update 03 February 2010

 

TOP