Exploit.JS.BO.D
LOW
MEDIUM
~6 kbytes
(Trojan-Downloader.JS.Agent.fq,JS/XMLCore@expl,HTML.Xmlcore!exploit,Exp/MS06071-A)
Symptoms
Presence of file C:\U.exe, computer slowdown
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Dan Lutas, virus researcher
Technical Description:
Exploit.JS.BO.D exploits the MS06-071 vulnerability in Microsoft XML Core Services. When the script gets executed, it will download the file http://huyamilka.com/a[removed]/win32.exe and save it under C:\U.exe, then execute it.
SHARE
THIS ON