Du brauchst Hilfe? Frage die Community oder wende dich an einen Experten.
Zu Avira Answers
Virus:EXP/Pidief.aom
Date discovered:21/02/2012
Type:Exploit
In the wild:Yes
Reported Infections:High
Distribution Potential:Low
Damage Potential:Low to medium
Static file:No
VDF version:7.11.23.180 - Tuesday, February 21, 2012
IVDF version:7.11.23.180 - Tuesday, February 21, 2012

 General Method of propagation:
   • By visiting infected websites


Aliases:
   •  Microsoft: Exploit:Win32/Pdfjsc.ZZ
   •  DrWeb: Exploit.PDF.2743


Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Drive-by download

 Files It tries to download some files:

– The location is the following:
   • http://agentur-ratte.de/lutoma/cln/**********
It is saved on the local hard drive under: %TEMPDIR%\wpbt%number%.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

– The location is the following:
   • http://dylanpatton.de/mtpforum/**********
It is saved on the local hard drive under: %TEMPDIR%\wpbt%number%.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

– The location is the following:
   • http://moc-steinsberg.de/main/Vorstand/**********
It is saved on the local hard drive under: %TEMPDIR%\wpbt%number%.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

 File details Programming language:
 • JavaScript


Encryption:
Encrypted - The virus code inside the file is encrypted.

Die Beschreibung wurde erstellt von Alexander Bauer am Dienstag, 21. Februar 2012
Die Beschreibung wurde geändert von Alexander Bauer am Dienstag, 21. Februar 2012

zurück . . . .