TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
VBS_PSYME.B
Overview
Solution

Malware type: VBScript

Aliases: Trojan-Downloader.VBS.Psyme.a (Kaspersky), VBS/Psyme (McAfee), VBS.Downloader.Trojan (Symantec), VBS/Psyme (Avira), Troj/Psyme-B (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 95, 98, ME, NT, 2000, XP

Encrypted: Yes

Overall risk rating:

Reported infections:

Damage potential:

 Low

Distribution potential:

 Low

Description: 

This Visual Basic (VB) script malware is designed to install a backdoor program to a target host. It usually resides on a certain site, which automatically redirects a target user to another site.

It downloads the following files from a specific URL and drops them on a target machine:

  • 5.EXE
  • BKDR_SDBOT.GEN, which it drops as the file SVCHOST.EXE

It runs on Windows 95, 98, ME, NT, 2000, and XP.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jan. 31, 2004 2:57:23 PM GMT -0800
Description updated: Jan. 31, 2004 2:57:20 PM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.