Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:JS/Dldr.Remora.WA
Date discovered:28/03/2008
Type:Exploit
Subtype:Downloader
In the wild:Yes
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:No
IVDF version:7.00.03.88 - Friday, March 28, 2008

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-Downloader.JS.Remora.W
   •  F-Secure: Trojan-Downloader.JS.Remora.W
   •  Sophos: Mal/ObfJS-R
   •  Grisoft: Downloader.Agent


Side effects:
   • Downloads a malicious file

 Backdoor Contact server:
The following:
   • http://update2.classictel.org/**********

This is done via the HTTP GET request on a PHP script.

Description inserted by Thomas Wegele on Friday, March 28, 2008
Description updated by Thomas Wegele on Monday, March 31, 2008

Back . . . .