検索:
ホーム   »     »   WMF Exploit Links to Adware

WMF Exploit Links to Adware

  • 投稿日:2005年12月30日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Adding to the list of URLs using the new WMF exploit, we received reports on a botnet which distributes WMF exploits from http://www.<BLOCKED>.biz/tr. We leeched 10 wmf file samples each having distinct MD5 hashes. The wmf files, to be detected as TROJ_NASCENE.GEN, contain malicious codes that download and execute another malware. The downloaded malware which will be detected as ADW_EXFOL.A further downloads another malware already detected as ADW_EXFOL.A.


The detected adware displays a message box shown below:



After clicking on the Terms & Conditions, it opens a url which has the Exfol EULA. (Click on image below to view enlarged image)



No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.