SecurityHome.eu Trojan.Exploit.ANPI

Home / malware PDF

Trojan.Exploit.ANPI

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Exploit.ANPI is also known as Trojan-Downloader.JS.Agent.dak, Exploit:JS/Mult.AC, VBS/Spyme.HC.
Explanation :
This is a Visual Basic Script which uses simple obfuscation techniques to hide it's purpose and evade signatures based detection engines. It is downloaded (while surfing the internet) from malicious websites or some legitimate websites which were usually infected through SQL Injection attacks. It's purpose is to exploit a vulnerability in Internet Explorer (the ADODB.Stream object) in order to download, save and then execute infected files from the internet.
This component is only a part of a complex infection mechanism which will download and install various trojan files to the unaware user's computer.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20