SecurityHome.eu Trojan.Exploit.ANOI

Home / malware PDF

Trojan.Exploit.ANOI

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Exploit.ANOI is also known as JS_AGENT.ARVC, JS/Downloader.gen, Trojan.Exploit.SSX, Downloader.Agent.ku, JS/Downloader.Agent.
Explanation :
This piece of malware consists in a script written in Javascript which belongs to a chain of "web based threats" that uses numerous exploits to attack unaware users. The basic mechanism of this kind of threat is described here : Trojan.Exploit.SSX.

The script uses a deconcept SWFObject to find out the version of Flash Player. It exploits different versions of Flash Player 9. It does this in order to check which exploited SWF file to give to the client for the vulnerable versions. The SWF exploit is detected as Exploit.SWF.Gen and downloads another malware depending on the infected website.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20