SecurityHome.eu Trojan-Downloader:JS/Agent.CTL

Home / malware PDF

Trojan-Downloader:JS/Agent.CTL

First posted on 05 September 2008.
Source: SecurityHome
Aliases :
There are no other names known for Trojan-Downloader:JS/Agent.CTL.
Explanation :
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

right]This trojan-downloader affects users browsing either a malicious website or a legitimate website which has been compromised. The malware uses Shockwave SWFObject (SWF) Java Script to forcibly run the following crafted SWF content on the browser page:

http://jzm015.cn/[Removed]115.swf
http://jzm015.cn/[Removed]64.swf
http://jzm015.cn/[Removed]47.swf
http://jzm015.cn/[Removed]45.swf
http://jzm015.cn/[Removed]28.swf
http://jzm015.cn/[Removed]16.swf

Running any of these content files triggers the download and execution of a malware file detected as Exploit.SWF.Downloader.eh.
Last update 05 September 2008

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:W32/Qhost.JE
Exploit.JS.Agent.F
Trojan-Downloader:HTML/Agent.DY
Trojan-Downloader:HTML/Agent.DY
Trojan-Downloader:HTML/Agent.DY
Trojan.Downloader.JS.Agent.PB
Trojan.Cidox!kmem
Trojan.Ransomlock!g75
Trojan.Klovbot!gen2
Trojan.Poweliks!gm