~ 10 Kb
This is a downloader script so you will most likely notice the efect of the malware it downloads.The malware that this script downloads is now detected as Trojan.Proxy.Ranky.GG
Please let BitDefender disinfect your computer.
Mihai Cimpoesu, Virus Researcher
It comes as an embedded, very obfuscated JS script inside a html page that displays the "404 - Document not found message" error message.
It takes advantage of the Microsoft WebViewFolderIcon ActiveX Control Buffer Overflow Vulnerability to allow the download code that is stored in a JS unescape sequence to be executed and thus downloading the malware found at address http://lakisman.info/logo/[removed]
If, by any chance this exploit fails it has another possibility to download the malware by using one vulnerability in the ADODB.Stream object from Internet Explorer. A description of this vulnerability can be found here : http://support.microsoft.com/default.aspx?scid=kb;EN;870669