検索:
ホーム   »     »   Trojan Downloaders Spammed as Picture file (Again)

Trojan Downloaders Spammed as Picture file (Again)

  • 投稿日:2006年9月13日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Several Trojan downloaders are being spammed across email inboxes once again. These Trojans pose as picture file attachments and use a double extension and trailing characters to trick unsuspecting users into clicking the file. As of this writing, we have received 3 different samples of this malware:

Kodak_foto04.JPG….exe (MD5 Hash: 768c94b93fbdabde9480b022e1a56669)

Kodak_foto02.JPG….exe (MD5 Hash: 6b10fe30d303a91f133edb459f05609f)

Kodak_foto01.JPG….exe (MD5 Hash: 800ffd6c25a62ed694bf4410e35539f1)

Though they may have different MD5 hashes, these samples exhibit the same behavior. Initial analysis has shown that upon execution, the malware drops its components in the Windows system folder. It downloads a disguised SWF file that is known to exhibit rootkit behavior when installed in the affected system.

A solution has already been deployed for these threats. Trend is detecting all mentioned files as
TROJ_DLOADER.DSW using OPR 3.745.00.

No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.