Home / malware Trojan:JS/Hiloti.F
First posted on 13 October 2011.
Source: SecurityHomeAliases :
There are no other names known for Trojan:JS/Hiloti.F.
Explanation :
Trojan:JS/Hiloti.F is a malicious JavaScript trojan that is used by other malware, such as Trojan:JS/Hiloti.C, to communicate with remote servers and to manipulate returned results from search engine queries.
Top
Trojan:JS/Hiloti.F is a malicious JavaScript trojan that is used by other malware, such as Trojan:JS/Hiloti.C, to communicate with remote servers and to manipulate returned results from search engine queries.
Installation
This malware may be present with other variants of this malware family, including Trojan:Win32/Hiloti.gen!D and Trojan:JS/Hiloti.C, as a file named "_cfg.js". The trojan script is decrypted by Trojan:JS/Hiloti.C, which is present as a Mozilla Firefox application file named "overlay.xul".
Trojan:JS/Hiloti.F contains variables that are used by Trojan:JS/Hiloti.C which may define remote server addresses from which to communicate or download other arbitrary files. In one example, one decrypted variable pointed to the domain "trumba.org".
Additional Information
For more information about Trojan:JS/Hiloti.C, see the description elsewhere in the encyclopedia.
Analysis by Daniel Chipiristeanu
Last update 13 October 2011
