SecurityHome.eu Virus:VBS/Ramnit.gen!A

Home / malware PDF

Virus:VBS/Ramnit.gen!A

First posted on 15 February 2012.
Source: Microsoft
Aliases :
Virus:VBS/Ramnit.gen!A is also known as VBS/Inor.DZ (Command), VBS.Ramnit.T (VirusBuster), Win32.Rmnet.12 (Dr.Web), W32/Ramnit.a!htm (McAfee), W32.Ramnit!html (Symantec), VBS_RAMNIT.SMC (Trend Micro).
Explanation :
Virus:VBS/Ramnit.gen!A is a Visual Basic script that is injected into other files, for example, HTML or JavaScript files. The injected script decrypts and drops an executable detected as another malware.

Top

Virus:VBS/Ramnit.gen!A is a Visual Basic script that is injected into other files, for example, HTML or JavaScript files. The injected script decrypts and drops an executable which is detected as one of the following:

Virus:Win32/Ramnit.I

Trojan:Win32/Ramnit.A

The malicious file is dropped as the file "%TEMP%\svchost.exe".

Analysis by Daniel Chipiristeanu

Last update 15 February 2012

TOP

Malware :

HermeticWiper
Virus:Win32/Sality.AM!corrupt
Virus:HTML/Sapaq.A
Virus:Win32/Parite.B.dll
Virus:Win32/Virut.AE

Last 20

Family:

Virus:VBS/Ramnit.gen!B
Virus:VBS/Ramnit.gen!A
Virus:VBS/Ramnit.A
Virus:VBS/Ramnit.F