Trojan-Downloader:HTML/Cursor.A is a trojan downloader that uses the "CURSOR" HTML dynamic style command to load a remote exploit ANI file that in turn downloads another malware executable file.

The following links are the download location:

Http://5y5.us/[REMOVED]/1.jpg
Http://5y5.us/[REMOVED].exe

The ANI file is detected as Exploit.Win32.IMG-ANI.k whereas the malware (EXE) further downloaded by the exploit is detected as Virus.Win32.AutoRun.az using our latest virus signature database updates.

Last update 11 June 2007

 

TOP