Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:17/01/2011
In the wild:Yes
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:2.376 Bytes
MD5 checksum:744d57ac9248e09f87f5ae058815bae2
IVDF version: - Wednesday, November 17, 2010

 General Method of propagation:
   • No own spreading routine

     Avast: Java:Agent-BW
     Microsoft: Exploit:Java/CVE-2010-0840.L
     GData: Java:Agent-BW

Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Side effects:
   • Drops a file
   • Lowers security settings

 Files The following file is created:

%TEMPDIR%\%random numbers%.exe Furthermore it gets executed after it was fully created.

It tries to execute the following files:

   • YAHO.class
The file contains malicious code.

   • main$1.class

 File details Encryption:
Encrypted - The virus code inside the file is encrypted.

Description inserted by Alexander Bauer on Friday, January 14, 2011
Description updated by Alexander Bauer on Friday, January 14, 2011

Back . . . .