This Trojan arrives as attachment to email messages spammed by another malware or a malicious user. It may be downloaded from remote site(s) by other malware.
This malicious PDF file exploits the following vulnerability found Adobe Reader and Adobe Acrobat 9.2 and earlier versions:
Upon opening this specially crafted PDF file, it drops the file
%Temp%\AdobeUpdate.exe. The dropped file is detected as BKDR_HORST.JW.
This Trojan then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.
This Trojan runs on Windows 98, ME, NT, 2000, XP, and Server 2003.
Analysis By: Jessa De La Torre
Updated By: Roland Dela Paz