Trojan.Downloader.JS.Agent.PB

tag:Trojan Downloader

This trojan is written in JavaScript and it exploits a buffer overflow vulnerability of BaoFeng Storm ActiveX Control ( identified with the following CLSID: 6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB). This is done by passing a long argument into rawParse() method of Mps.dll.
If the code stored in a JavaScript unescaped sequence is executed, it will download a malware from the following URL: http://www.[removed]hena.com/test.exe, save it under a.exe ant then execute it. When this description was made, the URL wasn Please let BitDefender delete your files.

This is a script that will download a file and save it on user's computer under a.exe, so there are no obvious symptoms unless the download succeeds and the script executes the downloaded file.

previous:Trojan.Downloader.HTML.FM
previous:Trojan.Downloader.WMA.Wimad

Virus Source from:

New articles

Trojan.Win32.Oficla.dvThis Trojan downloads files from the Internet and launches them without the user’s knowledge or consent. It is a Windows PE EXE file. It is 35840 byte...Conficker.CIt exploits the vulnerability MS08-067 in the Windows Server Service in order to spread itself. It also spreads through shared and removable drives. It reduces ...Downloader.MDW It reduces the security level of the computer: it notifies the attacker that the computer has been compromised and is ready to be used maliciously; it chan...Trojan.Downloader.WMA.Wimad.ZThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( hxxp://missing-codecs.net ) which...Trojan.Downloader.WMA.Wimad.SThis is another copy of the Trojan.Downloader.Wimad.A . It behaves in a similar way and even downloads from the same webpage ( www.fastmp3player.com ) which mea...

Hot Articles

Trojan.Downloader.JS.Agent.PB

Computer Virus Clounds