Home / malware Virus:HTML/Virut.BH
First posted on 18 June 2010.
Source: SecurityHomeAliases :
Virus:HTML/Virut.BH is also known as HTML/Framer (AVG), HTML/Virut.8224 (CA), Win32/Virut.NBK (ESET), Trojan.HTMl.IFrame.ca (Kaspersky), HTML/Virut.gen3 (Norman), W32/DownFrame.B (Panda), Troj/Fujif-Gen (Sophos), Trojan-Clicker.HTML.IFrame (Sunbelt Software), W32.Virut!html (Symantec), JS.Virut.X (VirusBuster).
Explanation :
Virus:HTML/Virut.BH is a detection for HTML script appended to Web pages by Virus:Win32/Virut.BM. The appended script contains an IFrame and redirection URL that attempts to download other malware.
Top
Virus:HTML/Virut.BH is a detection for HTML script appended to Web pages by Virus:Win32/Virut.BM. The appended script contains an IFrame and redirection URL that attempts to download other malware. InstallationThis HTML script is inserted into local Web pages by Virus:Win32/Virut.BM. When an HTML page is viewed, the IFrame script is run which may redirect the browser to an exploit web page at the address "zief.pl". Payload Downloads other malwareIf exploits from the site "zief.pl" are successful, it could result in downloading of arbitrary malware. Additional InformationFor more information about Virus:Win32/Virut.BM, see the description elsewhere in the encyclopedia.
Analysis by Aaron PutnamLast update 18 June 2010