English
Deutsch
Español
Italian
Portal
Amenazas
TR/Vundo.ewz.9
Búsqueda
Portal
Soporte
Soluciones
Productos
Descargas
Amenazas
Statistics
Phishing Worldmap
VDF History
Virus Science
Submit Sample
Security News
Viruses In the Wild
Compañía
Prensa
Socios
Newsletter
TR/Vundo.ewz.9 - Trojan
Vea también
Resumen
Descripción completa
Estadísticas
How would you rate this information?
Worthless
Excellent
Nombre:
TR/Vundo.ewz.9
Descubierto:
29/06/2008
Tipo:
Troyano
En circulación (ITW):
No
Número de infecciones comunicadas:
Bajo
Potencial de propagación:
Bajo
Potencial dañino:
Bajo
Fichero estático:
No
Tamaño:
82.432 Bytes
Versión del IVDF:
7.00.05.19
General
Método de propagación:
• No tiene rutina propia de propagación
Alias:
• Kaspersky: Trojan.Win32.Monder.ahv
• Bitdefender: Trojan.Vundo.EWZ
Plataformas / Sistemas operativos:
• Windows 95
• Windows 98
• Windows 98 SE
• Windows NT
• Windows ME
• Windows 2000
• Windows XP
• Windows 2003
Robo de informaciones
– Después de visitar uno de los siguientes sitios web, se crea una rutina para generar ficheros de informe:
• search.yahoo.com; search.msn.com; www.aolsearch.com; searchscout.com;
kanoodle.com; search.ebay.com; search2.shopnav.com; earch.lycos.com;
www.sirsearch.com; www.2020search.com; www.exactsearch.net;
www.slotch.com; www.seekseek.com; is1.websearch.com; 66.220.17.157;
search.perfectnav.com; 7search.com; mysearch.myway.com; web.ask.com;
www.reference.com; landing.domainsponsor.com; www.yoogee.com;
hp.qsrch.com; blazefind.com; 64.235.246.150; www.zestyfind.com;
www.pwrsrch.com; www.searchassistant.net; www.altavista.com;
www.mysearch.com; msxml.excite.com; search.startium.com; revenue.net;
www.findthewebsiteyouneed.com; www.freeesearch.com; www.ntsearch.com;
search.netzero.net; find.intelius.com; www.overture.com;
search.naver.com; msxml.blowsearch.com; www.dogpile.com;
global-finder.com; search.cometsystems.com; www.isearch.com;
www.getfound.com; www.webcrawl.net; www.mywebsearch.com;
www.featured-results.com; ms101.mysearch.com; www.whyppc.com;
www.blazefind.com; searchpage.cc; search.information.com;
kd.mysearch.myway.com; www.seeq.com; usseek.com; www.clearsearch.cc;
www.searching.net; www.almightysearch.com; search.earthlink.net;
search.aol.com; www.xpsn.com; search.netscape.com; www.marsfind.com;
www2.seek2.com; www.simpli.com; ussearch.com; best-search.cc;
searchco.com; domainhop.com; apps5.oingo.com; www.newtopsites.com;
searchap.untd.com; www.searchreslt.com; www.180searchassistant.com;
www.surveyscout.com; www.flashlightsearch.com; engine.metacharge.com;
ad.searchsquire.com; images.trafficmp.com; z1.adserver.com;
ads1.revenue.net; ad.doubleclick.net; adserver.sharewareonline.com;
jbns2.cydoor.com; webpdp.gator.com; count.exitexchange.com;
bannerfarm.ace.advertising.com; sr.adwave.com;
oas-central.realmedia.com; ads.clickagents.com; www.jmnad1.com;
banners.pennyweb.com; c1.zedo.com; jbigpops.cjt1.net;
nitrous.exitfuel.com; ads.bidclix.com; ads.x10.com;
nitrous.internetfuel.com; ads.partner2profit.com; ads.centralmedia.ws;
e.rn11.com; ilead.itrack.it; ad.weatherbug.com; www.popuppers.com;
ad.trafficmp.com; ads.addynamix.com; ads.peel.com; popup.msn.com;
adserv.internetfuel.com; isg01.casalemedia.com; ads.specificpop.com;
a.tribalfusion.com; jthedelfin.cjt1.net; isg02.casalemedia.com;
isg03.casalemedia.com; popups.ad-logics.com; isg04.casalemedia.com;
isg05.casalemedia.com; ads.dealhelper.com; jmediabuy1.cjt1.net;
c1dcon.d8t.biz; adfarm.mediaplex.com; www.odysseusmarketing.com;
cache.unicast.com; c5.zedo.com; aff.weatherbug.com;
banners.valuead.com; www.trafficexplorer.com; icc.intellisrv.net;
media.fastclick.net; servedby.advertising.com; as1.falkag.de;
ads.flashtrack.net; oz.valueclick.com; ar.atwola.com;
clients.valueclick.com; c.azjmp.com; cnt.rapidblaster.com;
www2.yesadvertising.com; sbase30.com; www.nextag.com; www.advnt01.com;
c4.zedo.com; object.passthison.com; us.rd.yahoo.com;
us.f1.yahoofs.com; rds.yahoo.com; us.f2.yahoofs.com;
www6.paypopup.com; downloads.aaa1screensavers.com; www1.paypopup.com;
serve.alcena.com; www.clk4.com; www4.yesadvertising.com; advnt05.com;
as.adwave.com; previewpops.com; pop.mircx.com;
www5.yesadvertising.com; sw.interpolls.com; ww2.weatherbug.com;
www.adshooter.com; c.casalemedia.com; c7.zedo.com; www.paypopup.com;
images.bonzi.com; ads.wanadooregie.com; s1di.d8t.biz; banners.dot.tk;
www.bravenet.com; jclickspring.cjt1.net; www8.paypopup.com;
sp.trafficmarketplace.com; hop.clickbank.net; www.qksrv.net;
www2.nextag.com; clk.atdmt.com; www.azoogleads.com; jicmedia.cjt1.net;
media.adrevolver.com; ads.smni.com; http300.edge.ru4.com;
banners.toteme.com; www.consumptionjunction.com; us.ard.yahoo.com;
jimesh.cjt1.net; www.flowgo.com; banner2.inet-traffic.com;
advertising.paltalk.com; adserver.trb.com; www.weatherbug.com;
javatar.cjt1.net; server5.adsrve.com; ads.as4x.tmcs.net;
oascentral.cciads.us; www9.paypopup.com; jadlogix.cjt1.net;
clicks.toteme.com; fad-1107.nyc1.targetnet.com; www.look2me.com;
www.cydoor.com; fad-413.mtl4.targetnet.com; www.emarketmakers.com;
fad-1109.nyc1.targetnet.com; jp1.sb01.com; ads2.revenue.net;
azoogleads.com; www.traffic-converter.com; fad-412.mtl4.targetnet.com;
ads-direct.prodigy.net; affiliate.dtiserv.com;
fad-1108.nyc1.targetnet.com; click.linksynergy.com; www.adsrve.com;
traq.sublimoffer.com; image.atdmt.com; www.infinite-ads.com;
www.bidclix.com; paypopup.com; clickit.go2net.com; www.7adpower.com;
ad.insightexpress.com; ads.180solutions.com
Datos del fichero
Lenguaje de programación:
El programa de malware ha sido escrito en Delphi.
Para una breve descripción vea el resumen
aquí
.
Descripción insertada por Alexander Neth el Tue, 01 Jul 2008 13:46 (GMT+1)
Descripción actualizada por Alexander Neth el Tue, 01 Jul 2008 14:07 (GMT+1)
»
About Malware
»
About Phishing
»
Viruses In the Wild
« back
Imprimir esta página
TR/Crypt.CFI.Gen
W32/Elkern.C
Worm/Mytob.AD
Worm/Kidala.G
Worm/Bagle.FJ
TR/Drop.MuJoin.AF
PHISH/CrediCard
TR/Autorun.afj
BDS/Agent.qfh.1
TR/Dldr.FraudLoa.NC
© 2008 Avira GmbH
Copyright
Protección de datos
Mapa web
Feedback
Pie de imprenta
FAQ
Contacto
Amenazas 
Imprimir esta página
