Virus: JS/Dldr.Psyme.GX.3
Date discovered: 11/07/2007
Type: Trojan
Subtype: Downloader
In the wild: Yes
Reported Infections: Low to medium
Distribution Potential: Low
Damage Potential: Low to medium
Static file: No
File size: ~3.600 Bytes
IVDF version: 6.39.00.132 - Wednesday, July 11, 2007

General
Method of propagation:
   • No own spreading routine


Aliases:
   •  Symantec: Bloodhound.Exploit.196
   •  TrendMicro: TROJ_PDFEX.B
   •  Sophos: Troj/PDFEx-AA
   •  VirusBuster: JS.IESlice.E
   •  Bitdefender: Exploit.HTML.IESlice.C


Platforms / OS:
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003


Side effects:
   • Downloads a malicious file
   • Makes use of software vulnerability

Files
It tries to download a file:

– The location is the following:
   • http://v2statscount.net/**********
It is saved on the local hard drive under: %system drive root%\U.exe
Furthermore, this file is executed after it has been fully downloaded. Further investigation showed that this file is malware, too.

Description inserted by Alexandru Dinu on Thursday, November 6, 2008
Description updated by Andrei Gherman on Friday, November 7, 2008
