Home / malware Trojan:W32/Agent.FVO
First posted on 27 August 2008.
Source: SecurityHomeAliases :
There are no other names known for Trojan:W32/Agent.FVO.
Explanation :
Trojans are malicious programs that pretend be to benign. Trojans do not replicate themselves.
right]Trojan:W32/Agent.FVO was sent in several spam runs in the country of Denmark. The e-mail messages are in Danish and were sent to Danish e-mail addresses.
The e-mail message claim to be from F-Secure support.
The message appears as follows:
From: supportupdate@f-secure.com
Date: 26. August 2008 08:31
Subject: Data er tillagt og sendt med denne meddelelse.
Käre kunder!
Regning
Data er tillagt og sendt med denne meddelelse.
Jeg bruger gratis F-secure antispamversion, som allerede har fjernet 338 spambreve.
Antispam er helt gratis for private brugere.
Attachment: f-secure.rar
The attachment contains a file called update26.08.2008.exe, which, when run, drops a file called dcbcg.exe that attempts to connect to a server located in Ukraine.
The IP address to which Agent.FVO attempts to connect hosts a fake version of MP3.com.Last update 27 August 2008
