Virus:TR/Dldr.S.CJG.325.D
Date discovered:07/04/2006
Type:Trojan
Subtype:Downloader
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:3.072 Bytes
MD5 checksum:9dd62a6420f88d8e02d90A7524c0ee6e
VDF version:6.34.00.153

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-Downloader.Win32.Tiny.al
   •  Bitdefender: Trojan.Downloader.Tiny.AL


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Downloads files
   • Third party control

 Backdoor Contact server:
The following:
   • http://goldenfreehost.com/**********

As a result remote control capability is provided. This is done via the HTTP GET request on a PHP script.
The servers answer is written to the file: %TEMPDIR%\list


Remote control capabilities:
    • Download file

 File details Runtime packer:
In order to aggravate detection and reduce size of the file it is packed with a runtime packer.

Description inserted by Daniel Constantin on Thursday, April 13, 2006
Description updated by Daniel Constantin on Thursday, April 13, 2006

Back . . . .