SecurityHome.eu Trojan.Jsdownloader.Agent.NBA

Home / malware PDF

Trojan.Jsdownloader.Agent.NBA

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Trojan.Jsdownloader.Agent.NBA is also known as Trojan-Downloader.JS.Agent.cwi;, VBS:SanpshotView-A, [Expl].
Explanation :
This malware is written in Javascript and exploits a vulnerability in the Snapshot Viewer ActiveX control for Microsoft Access(snapview.ocx). The payload will be the download of a file from the following link http://www.oiutr.net/new/[removed].css (detected by Bitdefender as Trojan.Downloader.JLCQ). The file will be saved to the following path [c or d or e]:/Program Files/Outlook Express/wab.exe.
You can find more information about this vulnerability here CVE-2008-2463.
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Exploit.JS.Agent.F
Trojan-Downloader:HTML/Agent.DY
Trojan.Downloader.JS.Agent.PB
Trojan-Dropper:W32/Agent.CMW
Trojan-Downloader:W32/Agent.TPF
Trojan-Dropper:W32/Agent.DSM
Trojan-Downloader:W32/Agent.BOY
Trojan-Dropper:W32/Agent.PR
Email-Worm:W32/Agent.BC
Trojan.Clicker.Agent.NP