Du brauchst Hilfe? Frage die Community oder wende dich an einen Experten.
Zu Avira Answers
Virus:JS/Drop.Delf.NK.24.D
Date discovered:21/10/2005
Type:JavaScript
In the wild:No
Reported Infections:High
Distribution Potential:Low
Damage Potential:Low to medium
VDF version:6.32.00.106 - Friday, October 21, 2005
IVDF version:6.32.00.106 - Friday, October 21, 2005

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Mcafee: potentially
   •  Kaspersky: Trojan-Downloader.JS.IstBar.z
   •  Bitdefender: Trojan.Downloader.Js.Istbar.Z
   •  Grisoft: Downloader.Istbar.9.BD
   •  Eset: HTML/ScrInject.B.Gen virus
   •  GData: Trojan.Downloader.Js.Istbar.Z
   •  Norman: Trojan Istbar.U


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Downloads malicious files

 Files It tries to download some files:

– The location is the following:
   • http://www.**********ode.com/ist/softwares/v4.0/0006_regular.cab
It is saved on the local hard drive under: %Temp%\ICD1.tmp\istactivex.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

– The location is the following:
   • http://cache.**********web.com/ist/softwares/v4.0/istdownload.exe
It is saved on the local hard drive under: %Temp%\iinstall.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

 Miscellaneous  Checks for an internet connection by contacting the following web site:
   • http://install.xxxtoo**********.com/ist/scripts/prompt.php?retry=2&loadfirst=0&delayload=10&account_id=158634&recurrence=always&adid=a1124418766&event_type=onload

 File details Programming language:
 • JavaScript

Die Beschreibung wurde erstellt von Wensin Lee am Mittwoch, 15. August 2012
Die Beschreibung wurde geändert von Wensin Lee am Mittwoch, 15. August 2012

zurück . . . .