SecurityHome.eu Trojan.Exploit.ANOG

Home / malware PDF

Trojan.Exploit.ANOG

First posted on 21 November 2011.
Source: BitDefender
Aliases :
There are no other names known for Trojan.Exploit.ANOG.
Explanation :
It's a Javascript that use some common algorithms (escape, base64) for encoding its body to avoid detection. A VBScript is hidden under this algoritm. The VBStript is also obfuscated, contains a link: "http://ad.ote2008.[removed]/ad.css" to a file detected as Trojan.Agent.AJJX. File from that address is saved in victim's machine as %TEMP%Gameeeeee.pif it's a Win32 executable and is launched by a previous created %TEMPGameeeees.vbs%
Last update 21 November 2011

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20