Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:08/03/2011
In the wild:No
Reported Infections:Medium to high
Distribution Potential:Low
Damage Potential:Medium
Static file:Yes
File size:5.053 Bytes
MD5 checksum:1dcad9dc810da4c90f28f4412681d1d6
VDF version:
IVDF version:

 General Method of propagation:
   • No own spreading routine

   •  Kaspersky: Exploit.Java.CVE-2010-0840.d
   •  F-Secure: Exploit.Java.CVE-2010-0840.d
   •  Eset: Java/TrojanDownloader.OpenStream.NBI
   •  DrWeb: Exploit.Java.186

Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Downloads a file
   • Lowers security settings
   • Makes use of software vulnerability
      •  CVE-2010-0840

 Files It tries to download a file:

– The location is the following:
   • %given parameter%
It is saved on the local hard drive under: %TEMPDIR%\%random numbers%.exe Furthermore this file gets executed after it was fully downloaded.

It tries to execute the following files:

– Filename:
   • ISO.class

– Filename:
   • word.class

 File details Programming language:
 • Java

Description inserted by Alexander Bauer on Wednesday, March 9, 2011
Description updated by Alexander Bauer on Wednesday, March 9, 2011

Back . . . .