Virus: JS/Drop.Delf.NK.24.D
Date discovered: 21/10/2005
Type: JavaScript
In the wild: No
Reported Infections: High
Distribution Potential: Low
Damage Potential: Low to medium
VDF version: 6.32.00.106 - Friday, October 21, 2005
IVDF version: 6.32.00.106 - Friday, October 21, 2005

General

Method of propagation:
   • No own spreading routine


Aliases:
   •  McAfee: potentially
   •  Kaspersky: Trojan-Downloader.JS.IstBar.z
   •  Bitdefender: Trojan.Downloader.Js.Istbar.Z
   •  Grisoft: Downloader.Istbar.9.BD
   •  Eset: HTML/ScrInject.B.Gen virus
   •  GData: Trojan.Downloader.Js.Istbar.Z
   •  Norman: Trojan Istbar.U


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Downloads malicious files

Files

It tries to download some files:

– The location is the following:
   • http://www.**********ode.com/ist/softwares/v4.0/0006_regular.cab
It is saved on the local hard drive under %Temp%\ICD1.tmp\istactivex.dll and is executed after it has been fully downloaded. Further investigation showed that this file is malware, too.

– The location is the following:
   • http://cache.**********web.com/ist/softwares/v4.0/istdownload.exe
It is saved on the local hard drive under %Temp%\iinstall.exe and is executed after it has been fully downloaded. Further investigation showed that this file is malware, too.

Miscellaneous

Checks for an internet connection by contacting the following web site:
   • http://install.xxxtoo**********.com/ist/scripts/prompt.php?retry=2&loadfirst=0&delayload=10&account_id=158634&recurrence=always&adid=a1124418766&event_type=onload

File details

Programming language:
 • JavaScript

Description inserted by Wensin Lee on Wednesday, August 15, 2012
Description updated by Wensin Lee on Wednesday, August 15, 2012
