Du brauchst Hilfe? Frage die Community oder wende dich an einen Experten.
Zu Avira Answers
Date discovered:16/01/2013
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:9.870 Bytes
MD5 checksum:88addadbfe3d3a9f9359cc334934dd64
VDF version:
IVDF version:

 General Method of propagation:
   • Email

   •  Sophos: Troj/PDFJs-ACP
   •  Bitdefender: Exploit.PDF.Agent.F
   •  Microsoft: Exploit:Win32/Pdfjsc.ADF
   •  GData: Exploit.PDF.Agent.F
   •  Fortinet: W32/PDFJs.ACP!tr
   •  Ikarus: Exploit.Win32.Pdfjsc

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Downloads a malicious file
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
   • http://www.ukde********** s/name-pdf.exe
It is saved on the local hard drive under: %temporary internet files%\Content.IE5\XP8IS2UM\name-pdf[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Bublik.aayw

 File details Programming language:
 • JavaScript

Encrypted - The virus code inside the file is encrypted.

Die Beschreibung wurde erstellt von Eric Burk am Mittwoch, 16. Januar 2013
Die Beschreibung wurde geändert von Eric Burk am Mittwoch, 16. Januar 2013

zurück . . . .