PE_PATCHEP.A
Technical Details

File type: PE

Memory resident: No

Size of malware: Varies

Initial samples received on: Jun 4, 2008

Related to: TROJ_AGENT.DGW


Payload 1: Drops files



Details:

This file infector may be dropped by other malware. It is the Trend Micro detection for modified copies of the following legitimate Windows files that have been injected with malicious code:

  • EXPLORER.EXE
  • LSSASS.EXE
  • SERVICES.EXE
  • SPOOLSV.EXE
  • SVCHOST.EXE
  • WINLOGON.EXE

Upon execution, this file infector uses a certain API to load and execute the file EOQ.DLL, which is detected by Trend Micro as TROJ_AGENT.DGW.

As a result, the malicious routines of the DLL file are executed on the affected system.

This file infector runs on Windows 98, ME, NT, 2000, XP, and Server 2003.


Analysis By: Jessa De La Torre

Updated By: Emmanuel Alma

Revision History:

First pattern file version: 5.330.12
First pattern file release date: Jun 08, 2008
