Home / malware Trojan.IFrame.AQ
First posted on 21 November 2011.
Source: BitDefenderAliases :
There are no other names known for Trojan.IFrame.AQ.
Explanation :
Trojan.IFrame.AQ is a small html code that opens a hidden browser window from address http://(removed)/test/test.html containing an Adodb.Stream exploit (detected by BitDefender as Exploit.ADODB.Stream.BU), which downloads and executes a binary file (also detected as Generic.Malware.dld!!.90566892). These files is a file that downloads from http://(removed)/000/ the file dnlsvc.exe (detected as Trojan.Hacktool.Rootkit.BR) and instals it.
Last update 21 November 2011