Нужен совет? Обратитесь за помощью к сообществу или специалистам.
Перейти к Avira Answers
Date discovered:19/12/2012
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:13.672 Bytes
MD5 checksum:46fbd9ecec529151e6ec7ffac2f9f94e
VDF version: - Wednesday, December 19, 2012
IVDF version: - Wednesday, December 19, 2012

 General Method of propagation:
   • By visiting infected websites

Similar detection:
   •  JS/Redirector.SB
   •  TR/Obisty.A

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Downloads a malicious file
   • Drive-by download
   • Makes use of software vulnerability

 Files It tries to download a file:

– The location is the following:
   • http://apensiona.ru:8080/**********/links/column.php?%given parameter%
It is saved on the local hard drive under: %HOME%\Local SettingsTemp\wpbt0.dll Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: TR/Obisty.A

 File details Programming language:
 • JavaScript

Encrypted - The virus code inside the file is encrypted.

Описание добавил Andrei Gherman в(о) среда, 19 декабря 2012 г.
Описание обновил Andrei Gherman в(о) среда, 19 декабря 2012 г.

Назад . . . .