Home / malware Trojan.Downloader.WMA.Wimad
First posted on 21 November 2011.
Source: BitDefenderAliases :
There are no other names known for Trojan.Downloader.WMA.Wimad.
Explanation :
This is an disguised application under a common media file extension meant to trick the user to download and execute a malware. Usually it states the false incapacity of your software configuration to view this kind of media. Due to the common misconception that malware or viruses are only in executables, the user could be lead to trust this strategy and install without his knowledge the downloaded threat.
Basically the user runs the file in Windows Media Player and gets a browser window that prompts him to download a file named "Codec.exe" .
This is actually an exploit of the media files because its an available feature in stead of an attack to the format.
Because it doesn't have a infection spreading ( doesn't infect files or copy itself into different locations into a network or local mirrors of the file ) so the method of spreading of this kind of malware is user based or web based ( the file appears in different locations on the internet as a download): through sharing or media downloads. So the file could be saved with different names of various celebrities, usually events or generally appealing things to users.
You can see a description of a malware that this kind of trojan downloads here : http://www.bitdefender.ro/VIRUS-1000279-ro--Adware.PlayMp3z.A.htmlLast update 21 November 2011