Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:Java/OpenConnect.AL
Date discovered:24/01/2011
Type:Trojan
In the wild:Yes
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:6.097 Bytes
MD5 checksum:ef02ee6d7de05058ce22bb73573b7ed4
VDF version:7.10.08.45
IVDF version:7.11.01.237 - Monday, January 24, 2011

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan-Downloader.Java.OpenStream.bf
   •  F-Secure: Trojan-Downloader.Java.OpenStream.bf
   •  Sophos: Exp/CVE10-0840
   •  Microsoft: Exploit:Java/CVE-2010-0840.AN
   •  Eset: Java/TrojanDownloader.OpenStream.NBA


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Drops a file
   • Lowers security settings
   • Makes use of software vulnerability
      •  CVE-2010-0840

 Files The following file is created:

%TEMPDIR%\%random numbers%.exe Furthermore it gets executed after it was fully created.



It tries to execute the following files:

– Filename:
   • pinupa.class


– Filename:
   • poliko.class

 File details Encryption:
Encrypted - The virus code inside the file is encrypted.

Description inserted by Alexander Bauer on Wednesday, January 26, 2011
Description updated by Alexander Bauer on Wednesday, January 26, 2011

Back . . . .