Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:10/10/2008
In the wild:Yes
Reported Infections:Low to medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:No
File size:~ 3.200 Bytes
IVDF version:

 General Method of propagation:
   • No own spreading routine

   •  Kaspersky: Exploit.JS.Agent.xg
   •  F-Secure: Exploit.JS.Agent.xg
   •  Sophos: Mal/ExpJS-H
   •  Eset: JS/TrojanDownloader.Small.NBC trojan
   •  Bitdefender: Trojan.Downloader.JS.LJ

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003

Side effects:
   • Downloads a malicious file
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
It is saved on the local hard drive under: C:/Documents and Settings/All Users/%chinese text%/%chinese text%/Thunder.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Crypt.XDR.Gen

Description inserted by Andreas Feuerstein on Wednesday, November 19, 2008
Description updated by Andreas Feuerstein on Wednesday, November 19, 2008

Back . . . .