Besoin d’aide ? Fais appel à la communauté ou embauche un spécialiste.
Aller à Avira Answers
Virus:JS/Drop.Delf.NK.24.D
Date discovered:21/10/2005
Type:JavaScript
In the wild:No
Reported Infections:High
Distribution Potential:Low
Damage Potential:Low to medium
VDF version:6.32.00.106 - Friday, October 21, 2005
IVDF version:6.32.00.106 - Friday, October 21, 2005

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Mcafee: potentially
   •  Kaspersky: Trojan-Downloader.JS.IstBar.z
   •  Bitdefender: Trojan.Downloader.Js.Istbar.Z
   •  Grisoft: Downloader.Istbar.9.BD
   •  Eset: HTML/ScrInject.B.Gen virus
     GData: Trojan.Downloader.Js.Istbar.Z
     Norman: Trojan Istbar.U


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


Side effects:
   • Downloads malicious files

 Files It tries to download some files:

The location is the following:
   • http://www.**********ode.com/ist/softwares/v4.0/0006_regular.cab
It is saved on the local hard drive under: %Temp%\ICD1.tmp\istactivex.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

The location is the following:
   • http://cache.**********web.com/ist/softwares/v4.0/istdownload.exe
It is saved on the local hard drive under: %Temp%\iinstall.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

 Miscellaneous  Checks for an internet connection by contacting the following web site:
   • http://install.xxxtoo**********.com/ist/scripts/prompt.php?retry=2&loadfirst=0&delayload=10&account_id=158634&recurrence=always&adid=a1124418766&event_type=onload

 File details Programming language:
 • JavaScript

Description insérée par Wensin Lee le mercredi 15 août 2012
Description mise à jour par Wensin Lee le mercredi 15 août 2012

Retour . . . .
https:// Cet écran est crypté pour votre sécurité.