TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
JS_WONKA.AS
Overview
Solution

Malware type: JavaScript

Aliases: Trojan-Downloader.JS.Small.dn (Kaspersky), JS/Wonka (McAfee), Downloader (Symantec), JS/Small.DN (Avira), Mal/ObfJS-H (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Medium

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

JS_WONKA_AS Behavior Diagram

Malware Overview

This malicious JavaScript file is usually embedded in HTML pages hosted in a Web site.

It takes advantage of the Windows Microsoft Data Access Components (MDAC) Function vulnerability to download files that are detected by Trend Micro as WORM_SOHANAD.AF. As a result, the routines of the related worm may be exhibited on the affected system.

For more information regarding the mentioned vulnerability, refer to the following Microsoft Web page:

For additional information about this threat, see:
Solution
Technical Details

Description created: Jan. 18, 2007 10:25:58 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.