|
Description:
This Trojan is Trend Micro's detection for a modified Windows Metafile (WMF) that takes advantage of a vulnerability discussed in the following Microsoft page:
The said vulnerability is a zero-day exploit that is capable of remote code execution. Zero-day exploits are termed as such because the unpatched vulnerability and its corresponding exploit code are released within the same day. This may pose as a dangerous situation in which a lot of computers may be affected due to the availability of exploit code, and the fact that the vendor has not been given enough time to patch it.
Once exploited successfully, the said vulnerability allows this Trojan to connect to the Web site www.ritztou{BLOCKED}ersion2005/specials/flash/osz/ and download the file LUCKLY.EXE. The said file is detected by Trend Micro as BKDR_BIFROSE.CI. The said action further exposes the affected system to malicious threats.
This Trojan may be downloaded from a malicious Web site. It may also be sent as an attachment to spammed email messages. The email message, to which a copy of this Trojan is attached, has the following details:
Subject: happy new year
Attachments: HappyNewYear.jpg
Body: picture of 2006
For additional information about this threat, see:
Solution
Technical Details
Description created: Dec. 31, 2005 11:50:41 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
