SecurityHome.eu Trojan-Downloader:W32/Tibs.LE

Home / malware PDF

Trojan-Downloader:W32/Tibs.LE

First posted on 20 June 2007.
Source: SecurityHome
Aliases :
Trojan-Downloader:W32/Tibs.LE is also known as TR/Dldr.Tibs.LE.43, Trojan.Packed.13, Trojan-Downloader.Win32.Tibs.le, Possible_Nucrp-3.
Explanation :
Trojan-Downloader:W32/Tibs.LE downloads and runs a file from a website.

Trojan-Downloader:W32/Tibs.LE is a trojan that downloads and executes other malware onto the system.

It may arrive on the system as an attachment from spammed e-mails or may be downloaded from the Internet.

Trojan-Downloader:W32/Tibs.LE downloads files from the following sites:

http://stat1count.net/pictures2/z[REMOVED]1
http://stat1count.net/pictures2/z[REMOVED]2
http://stat1count.net/pictures2/z[REMOVED]3
http://stat1count.net/pictures2/z[REMOVED]4
http://stat1count.net/pictures2/z[REMOVED]5

It then saves the downloaded files to the following locations:

%SysDir%vexga4me1.exe
%SysDir%vexga3me2.exe
%SysDir%vexga5me3.exe
%SysDir%vexg6ame4.exe
%SysDir%vexga8me6.exe

These download sites were down as of this time of writing.

Last update 20 June 2007

TOP

Trojan-Downloader:W32/Tibs.LE

Aliases :

Explanation :

Malware :

Family: