Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:29/01/2013
In the wild:Yes
Reported Infections:Medium to high
Distribution Potential:Medium
Damage Potential:Low to medium
Static file:Yes
File size:340.484 Bytes
MD5 checksum:1e06216b0Dca5432bb69424d7cb6c0a1
VDF version:
IVDF version:

 General Method of propagation:
   • Email

   •  Kaspersky: Trojan.Win32.Bublik.acwh
   •  TrendMicro: TSPY_BUBLIK.VPL
   •  F-Secure: Trojan.Generic.KD.837473
   •  Sophos: Mal/EncPk-MP
   •  Microsoft: Trojan:Win32/Bublik.B
   •  Panda: Trj/CI.A
   •  Eset: Win32/Spy.Bebloh.J
   •  AhnLab: Trojan/Win32.Bublik
   •  DrWeb: BackDoor.Bebloh.21
   •  Fortinet: W32/Zbot.DHN!tr

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Drops a malicious file

 Files The following file is created:

%SYSDIR%\%random%.exe Furthermore it gets executed after it was fully created. Further investigation pointed out that this file is malware, too. Detected as: TR/Spy.Bebloh.EB.94

Description inserted by Eric Burk on Friday, February 1, 2013
Description updated by Eric Burk on Friday, February 1, 2013

Back . . . .