Malware type: Trojan

Aliases: Exploit.MSPPoint.Agent.c (Kaspersky), Trojan.PPDropper (Symantec),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

Malware Overview

This Trojan may arrive as an attachment to email messages sent by a remote malicious user. It exploits a yet undetermined vulnerability found in Microsoft Powerpoint to download and execute a file from the URL, http://61.2{BLOCKED}32.80/index.exe.

However, the mentioned URL is inaccessible as of this writing.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jul. 20, 2006 9:32:16 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.