検索:
ホーム   »     »   New Feebs Variant In The Wild

New Feebs Variant In The Wild

  • 投稿日:2006年1月13日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Another new variant of JS_FEEBS is making the round in the internet. It arrives as an email attachment with the filename message.zip and contains an HTML file named, “Secure E-mail File.hta”. The subject of the email is “Secure Message from HotMail.com user.”.


It also attempts to access the following web sites to download malicious files to the affected system. These files are encoded using base64 (b64) and when decoded will leave two distinct copies.



  • http://qnx.{blocked}.ru/d.php
  • http://ab.{blocked}.com/d.c
  • http://hzs.{blocked}.ru/d.c
  • http://users.{blocked}.net/xup/d.txt
  • http://zto.{blocked}.ru/m.txt

These two distinct copies are the worm components which Trend detects as WORM_FEEBS.N. Upon downloading and decoding of WORM_FEEBS.N, this will be executed on the affected system thus, compromises more the victim’s machine.


Trend has given the detection name, JS_FEEBS.M, to the malicious HTML file, “Secure E-mail File.hta”. The virus information and the solution to protect yourself for this threat can be found in the Virus Encyclodpedia.


JS_FEEBS.M’s Description
JS_FEEBS.M’s Solution


No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.