TROJ_PUSHDO.AR
Overview

Malware type: Trojan

Aliases: Trojan.Win32.Pakes.bqb (Kaspersky), Generic.dx (McAfee), Trojan Horse (Symantec), Worm/Ntech.T (Avira), Troj/Pushdo-Gen (Sophos), VirTool:WinNT/Cutwail.gen!B (Microsoft)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: Medium

Distribution potential: Low

Infection Channel 1: Spammed via email


Description: 

For an at-a-glance view of this malware's behavior, refer to the Behavior Diagram below.

[Figure: TROJ_PUSHDO.AR Behavior Diagram]

Malware Overview

This Trojan may arrive as an attachment to email messages spammed by other malware or a malicious user.

Below is a screenshot of the spammed message:

[Screenshot: TROJ_PUSHDO.AR spammed message]

It can also be downloaded from remote sites by other malware.

It connects to a certain URL to download and execute a malicious file that Trend Micro detects as TROJ_PANDEX.AR. As a result, the malicious routines of the downloaded file may be exhibited on the affected system.


Description created: Nov. 25, 2007 1:39:41 AM GMT -0800
