|
Description:
This malicious Visual Basic Script (VBS) usually arrives on a system as a file downloaded from the Internet by unsuspecting users when visiting malicious Web sites. It may also arrive as a file dropped or downloaded by other malware.
Upon execution, it connects to the following URL to download a malicious file detected by Trend Micro as TROJ_AGENT.OFB:
http://216.95.{BLOCKED}.22/tool/package.exe?affid=477
The said file is saved in the Temporary folder with the file name SVCIPA.EXE. This VB Script also executes the downloaded file.
As a result of this, the behavior of the downloaded Trojan may be observed on the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Mar. 5, 2007 12:31:18 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
