Virus: JS/Dldr.Psyme.3333
Date discovered: 10/10/2008
Type: Trojan
Subtype: Downloader
In the wild: Yes
Reported Infections: Low to medium
Distribution Potential: Low
Damage Potential: Low to medium
Static file: No
File size: ~ 3.200 Bytes
IVDF version: 7.00.07.22 - Fri, 10 Oct 2008 10:50 (GMT+1)

General

Method of propagation:
• No own spreading routine

Aliases:
• Kaspersky: Exploit.JS.Agent.xg
• F-Secure: Exploit.JS.Agent.xg
• Sophos: Mal/ExpJS-H
• Eset: JS/TrojanDownloader.Small.NBC trojan
• Bitdefender: Trojan.Downloader.JS.LJ

Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003

Side effects:
• Downloads a malicious file
• Makes use of software vulnerability

Files

It tries to download a file:

– The location is the following:
• http://ad.ote2008.info/**********.css
It is saved on the local hard drive under: C:/Documents and Settings/All Users/%chinese text% /%chinese text% /Thunder.exe

Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Crypt.XDR.Gen

See a brief description here.

Description inserted by Andreas Feuerstein on Wed, 19 Nov 2008 10:35 (GMT+1)
Description updated by Andreas Feuerstein on Wed, 19 Nov 2008 11:43 (GMT+1)