Analysis by: Sabrina Lei Sioting
 PLATFORM:

Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This Trojan may be hosted on a website and run when a user accesses the said website.

  TECHNICAL DETAILS

Tipo de compactação: 1,481 bytes
Tipo de arquivo: VBS
Residente na memória: No
Data de recebimento das amostras iniciais: 22 Jun 2009

Arrival Details

This Trojan may be hosted on a website and run when a user accesses the said website.

NOTES:

This Trojan is an interactive ASP page command prompt that will show how vulnerable the IIS web server is to the IUSR_COMPUTER, IWAM_COMPUTER and SYSTEM user accounts. It runs in the context of the web server as a standard ASP page, and simulates a backdoor to any IIS web server.