Virus:HTML/IFrame.800
Date discovered:28/08/2008
Type:Trojan
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:No
File size:~ 800 Bytes
IVDF version:7.00.06.82 - Thursday, August 28, 2008

 General Method of propagation:
   • No own spreading routine


Alias:
   •  Mcafee: Exploit-IFrame trojan
   •  Kaspersky: Trojan-Downloader.JS.Timul.cw
   •  F-Secure: Trojan-Downloader.JS.Timul.cw
   •  Grisoft: Exploit
   •  Bitdefender: Trojan.Exploit.JS.O


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Downloads malicious files

 Files It tries to download some files:

– The location is the following:
   • %visited URL%/flash.htm
At the time of writing this file was not online for further investigation.

– The location is the following:
   • %visited URL%/14.htm
At the time of writing this file was not online for further investigation.

– The location is the following:
   • %visited URL%/office.htm
At the time of writing this file was not online for further investigation.

– The location is the following:
   • %visited URL%/nt.htm
At the time of writing this file was not online for further investigation.

– The location is the following:
   • %visited URL%/re10.htm
At the time of writing this file was not online for further investigation.

– The location is the following:
   • %visited URL%/re11.htm
At the time of writing this file was not online for further investigation.

Description inserted by Thomas Wegele on Wednesday, October 8, 2008
Description updated by Thomas Wegele on Thursday, October 9, 2008

Back . . . .