|
Description:
This Trojan may be downloaded from remote sites by other malware. It may also be dropped by other malware.
Upon execution, it drops several files, some of which are detected as TROJ_INJECT.NI. A dropped non-malicious file contains the the path and file name of the malware. It then injects threads into a normal process as part of its memory-residency routine. This Trojan also modifies a registry entry to enable its automatic execution at every system startup.
This Trojan opens a hidden Internet Explorer window. It connects to an IP address. However, the said IP address is not accesible as of this writing. It also restarts the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Nov. 17, 2008 3:47:48 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
