Home / malware Trojan.Obfuscated.LA
First posted on 21 November 2011.
Source: BitDefenderAliases :
Trojan.Obfuscated.LA is also known as Trojan.Win32.Obfuscated.ddk, TR/Obfuscated.ddk.
Explanation :
Trojan.Obfuscated.LA is a trojan downloader. It tries to download a file from
hxxp://upd.host-domain-look.com/upd/check?version=0.1unk&fxp=9025<hex chars>
In order not to be detected by the firewall the program injects a part of it's code into a new process (iexplorer.exe) that it previously created. After the new malware is downloaded and put into execution Trojan.Obfuscated.LA exits.
Currently at the above URL address the program encounters an HTTP error (304 Not Modified).
This domain is associated with Trojan.Swizzor.Last update 21 November 2011
