
Trojan:Java/Selace.K


First posted on 12 January 2010.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:Java/Selace.K.

Explanation :

Trojan:Java/Selace.K is a malicious Java class that works with other malicious Java classes to download arbitrary executable code.

Installation :

Trojan:Java/Selace.K may be bundled with a malicious Java applet detected as Exploit:Java/CVE-2008-5353.A. The Java applet is a Java archive (.JAR file) that contains the following Java class malware:

  • AppletX.class - Exploit:Java/CVE-2008-5353.C
  • LoaderX.class - Trojan:Java/Selace.K
  • PayloadX.class - Trojan:Java/Selace.L

On a vulnerable system without a particular Java security update installed, Exploit:Java/CVE-2008-5353.A executes the malicious Java classes listed above with full privileges ('AllPermissions'), resulting in the download and execution of malware on the vulnerable system.

Payload :

Downloads and executes arbitrary files

Malware is downloaded from a URL passed as a parameter to the Java applet. The retrieved executable is saved to the %TEMP% folder under a randomly generated file name consisting of between one and five random digits, as in the following example:

%TEMP%\9218.exe

The saved executable is then run.

Additional Information :

Examples of malware downloaded and run by Trojan:Java/Selace.K include variants of Win32/Bredolab.
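The payload behaviour described above (an executable named with one to five digits, written to %TEMP% and then run) can be checked for in process-creation logs. The following is an added example, not part of the original write-up: the event field names, the %TEMP% path layouts and the Java parent-process heuristic are assumptions, and the sample events are constructed.

```python
import ntpath
import re

# From the write-up: the dropped file name is one to five digits plus .exe (e.g. 9218.exe).
DROPPED_NAME = re.compile(r"^\d{1,5}\.exe$", re.IGNORECASE)

# Assumption: common expansions of a per-user %TEMP% on Windows.
TEMP_DIR = re.compile(
    r"^[a-z]:\\(?:users|documents and settings)\\[^\\]+\\"
    r"(?:appdata\\local\\temp|local settings\\temp)$",
    re.IGNORECASE,
)

# Assumption: the applet runs inside one of these Java runtime processes.
JAVA_PARENTS = {"java.exe", "javaw.exe"}


def classify(event):
    """Return 'high', 'medium' or None for one process-creation event."""
    directory, name = ntpath.split(event["image"])
    if not DROPPED_NAME.match(name) or not TEMP_DIR.match(directory):
        return None
    parent = ntpath.basename(event["parent_image"]).lower()
    # A Java parent ties the launch to the applet; otherwise keep it for triage.
    return "high" if parent in JAVA_PARENTS else "medium"


def scan(events):
    """Return (image, confidence) for every event that matches the pattern."""
    hits = []
    for event in events:
        level = classify(event)
        if level:
            hits.append((event["image"], level))
    return hits


# Constructed sample events; the field names are hypothetical.
JAVA = r"C:\Program Files\Java\jre6\bin\java.exe"
SAMPLE_EVENTS = [
    {"image": r"C:\Users\alice\AppData\Local\Temp\9218.exe", "parent_image": JAVA},
    {"image": r"C:\Documents and Settings\bob\Local Settings\Temp\7.exe",
     "parent_image": r"C:\WINDOWS\explorer.exe"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\123456.exe", "parent_image": JAVA},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup_9218.exe", "parent_image": JAVA},
    {"image": r"C:\Tools\9218.exe", "parent_image": JAVA},
]

if __name__ == "__main__":
    for image, level in scan(SAMPLE_EVENTS):
        print(level, image)
```

A short numeric file name in a Temp folder is not unique to this family, so a "medium" result is a triage lead rather than a verdict.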

Analysis by Dan Kurc

Last update 12 January 2010

     
