Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:29/01/2013
In the wild:Yes
Reported Infections:Medium to high
Distribution Potential:Medium
Damage Potential:Low to medium
Static file:Yes
File size:340.484 Bytes
MD5 checksum:1e06216b0Dca5432bb69424d7cb6c0a1
VDF version: - Tuesday, January 29, 2013
IVDF version: - Tuesday, January 29, 2013

 General Method of propagation:
   • Email

   •  Kaspersky: Trojan.Win32.Bublik.acwh
   •  TrendMicro: TSPY_BUBLIK.VPL
   •  F-Secure: Trojan.Generic.KD.837473
   •  Sophos: Mal/EncPk-MP
     Microsoft: Trojan:Win32/Bublik.B
   •  Panda: Trj/CI.A
   •  Eset: Win32/Spy.Bebloh.J
AhnLab: Trojan/Win32.Bublik
     DrWeb: BackDoor.Bebloh.21
     Fortinet: W32/Zbot.DHN!tr

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Side effects:
   • Drops a malicious file

 Files The following file is created:

%SYSDIR%\%random%.exe Furthermore it gets executed after it was fully created. Further investigation pointed out that this file is malware, too. Detected as: TR/Spy.Bebloh.EB.94

Description inserted by Eric Burk on Friday, February 1, 2013
Description updated by Eric Burk on Friday, February 1, 2013

Back . . . .