Virus:TR/Dldr.VB.alb
Date discovered:24/08/2006
Type:Trojan
Subtype:Downloader
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:20.480 Bytes
MD5 checksum:5e0862177655a85d2cef9345d1c0b17c
VDF version:6.35.01.132
IVDF version:6.35.01.135 - Thursday, August 24, 2006

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-Downloader.Win32.VB.alb
   •  TrendMicro: TROJ_DLOADER.DTW
   •  Sophos: Troj/Dloadr-AMB
   •  VirusBuster: Trojan.DL.VB.WYO
   •  Bitdefender: Trojan.Downloader.VB.TR


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Downloads a malicious file


Right after execution the following information is displayed:


 Files It tries to download a file:

– The location is the following:
   • http://zhmbscwdgk.biz/dl/**********
It is saved on the local hard drive under: c:\111.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Dldr.VB.alb.4.B

 File details Programming language:
 The malware program was written in Visual Basic.

Description inserted by Marius T. Nicolae on Monday, August 28, 2006
Description updated by Marius T. Nicolae on Monday, August 28, 2006

Back . . . .