TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
TROJ_TARODROP.Q
Overview
Solution

Malware type: Trojan

Aliases: Trojan-Dropper.Ichitaro.Tarodrop.g (Kaspersky), Exploit-TaroDrop.c (McAfee), Trojan.Tarodrop.D (Symantec), TR/Drop.Ichitaro.Tarodrop.G (Avira),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 Medium

Distribution potential:

 Low

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

TROJ_TARODROP.Q Behavior Diagram

Malware Overview

This Trojan is a document file used by Ichitaro, a popular word processing application in Japan produced by JustSystem. Note that its extension name is .JTD.

It exploits a vulnerability in the aforementioned application to drop and execute an embedded EXE file. Trend Micro detects the embedded file as TROJ_SMALL.GQM.

It then executes the dropped file. As a result, routines of the embedded Trojan are also exhibited on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Aug. 3, 2007 4:28:14 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.