Home / malwarePDF  

Trojan.Downloader.Small.FS


First posted on 21 November 2011.
Source: BitDefender

Aliases :

Trojan.Downloader.Small.FS is also known as Win32/TrojanDownloader.Small.J, TR/Dldr.Small.fz, MalwareScope.Downloader.Small.5.

Explanation :

It makes the following HTTP reguest:
http://www.[REMOVED].com/cmb_220584.exeThe downloaded file will be placed in C:dialler.exe, and then it will be run.

BitDefender was able to detect this file without any signature, as BehavesLike:Trojan.Downloader.

It does not represent a threat anymore, because the site where it tries to download the file has been closed.

This trojan has been named as Downloader.Small because the executable code from the file has about 1500 bytes, but the file has been padded with a lot of zeros, and it's size has been increased to over 100KB.

Last update 21 November 2011

 

TOP