SecurityHome.eu Trojan.JS.Agent.E

Home / malware PDF

Trojan.JS.Agent.E

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Trojan.JS.Agent.E.
Explanation :
The script exploits a vulnerability discovered on Internet Explorer 6.0 (MS06-014) .When executed, the script adds the following clsid: "BD96c556-65a3-11d0-983a-00c04fc29e36". The code wich performs the download is then executed on the remote host. It first creates an object named msxml2.XMLHTTP and then tries to download a file from http://freescans[hidden].com /count/load.php . The files is saved with the name xXx.exe in the parent directory of the folder where the browser is installed. The downloaded file is currently detected as Trojan.Downloader.JJRB
Last update 21 November 2011

TOP

Malware :

Backdoor.WinCE.Brador.A
WinCE.Dust.A
Backdoor:WinCE/PhoneCreeper.A
Dialer:WinCE/Terdial.A
Trojan:WinCE/Terdial

Last 20

Family:

Exploit.JS.Agent.F
Trojan-Downloader:HTML/Agent.DY
Trojan.Downloader.JS.Agent.PB
Trojan-Dropper:W32/Agent.CMW
Trojan-Downloader:W32/Agent.TPF
Trojan-Dropper:W32/Agent.DSM
Trojan-Downloader:W32/Agent.BOY
Trojan-Dropper:W32/Agent.PR
Email-Worm:W32/Agent.BC
Trojan.Clicker.Agent.NP