Malware type: Trojan

Aliases: Trojan-Dropper.Win32.Agent.cde (Kaspersky), Spy-Agent.bv.gen (McAfee), Trojan.Pandex (Symantec), TR/Drop.Agent.cde (Avira), Troj/Pushdo-Gen (Sophos), VirTool:WinNT/Cutwail.gen!B (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

Malware Overview

This Trojan arrives via spammed Hentai email messages. It can be downloaded from remote sites or dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.

Upon execution, this Trojan drops several files. It then creates a registry entry to enable its automatic execution at every system startup.

It deletes itself after execution.

This Trojan exhibits rootkit capabilities. It hides certain files and registry entries. It also opens a hidden Internet Explorer window.

For additional information about this threat, see:
Solution
Technical Details

Description created: Oct. 10, 2007 1:11:52 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.