|
Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview
This Trojan may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
Upon execution, it drops copies of itself. It creates registry entries to enable its automatic execution at every system startup.
It modifies registry entries to hide files with both System and Read-only attributes.
It creates registry key(s)/entry(ies) as part of its installation routine.
It connects to a Web site to download a text file. The said text file contains a link to a malicious Web site that downloads and executes a file that Trend Micro detects as TROJ_DLOADER.VKH. As a result, malicious routines of the downloaded files are exhibited on the affected system. It also creates mutex(es) to ensure that only one instance of itself is running in memory.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jan. 14, 2009 5:12:39 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
