Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:29/01/2013
In the wild:Yes
Reported Infections:Low to medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:6.914 Bytes
MD5 checksum:a55b3d65628a200Faab3b4321a91d203
VDF version:
IVDF version:

 General Method of propagation:
   • Email

   •  Bitdefender: PDF:Exploit.PDF-JS.UQ
   •  AVG: Exploit_c.WPO
   •  Eset: JS/Exploit.Pdfka.QCG trojan

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Downloads a malicious file

 Files It tries to download a file:

– The locations are the following:
   • http://styl**********ds/google_sitemap.exe
   • http://b-**********et/info.exe
   • http://www.dnl-co**********d/host.exe
   • http://www.axi**********ll/helper.exe
It is saved on the local hard drive under: %temporary internet files%\Content.IE5\XP8IS2UM\google_sitemap[1].exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Spy.Bebloh.EB.92

Description inserted by Eric Burk on Saturday, February 2, 2013
Description updated by Eric Burk on Saturday, February 2, 2013

Back . . . .