Analysis by: Jed Valderama

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003


  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted: Yes

  • In the wild: Yes

  OVERVIEW

This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.

It uses a file name similar to that of a legitimate file in order to pass as one. It also uses a file extension similar to those of legitimate applications to trick users into thinking that it is a legitimate application.

  TECHNICAL DETAILS

File size: Varies
File type: DLL
Initial samples received date: 07 Jun 2012

Arrival Details

This Trojan may be dropped by other malware.

It may be unknowingly downloaded by a user while visiting malicious websites.

Installation

This Trojan uses a file name similar to that of a legitimate file in order to pass as one.

It uses a file extension similar to those of legitimate applications to trick users into thinking that it is a legitimate application.

NOTES:

The code of this malware is encrypted, which prevents the execution of its major routines. It needs its component file to decrypt its main code.