
Trojan.Obfuscated.LA

LOW
LOW
~300 kB
(Trojan.Win32.Obfuscated.ddk, TR/Obfuscated.ddk)

Symptoms

Symptoms are not easily visible to the user.

An instance of iexplorer.exe can be seen in Task Manager, but only for a short period of time. This instance is not associated with any Internet Explorer windows.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Andrei DAMIAN-FEKETE, virus researcher

Technical Description:

Trojan.Obfuscated.LA is a trojan downloader. It tries to download a file from

hxxp://upd.host-domain-look.com/upd/check?version=0.1unk&fxp=9025<hex chars>

To avoid detection by the firewall, the program injects part of its code into a new process (iexplorer.exe) that it has previously created. After the new malware is downloaded and executed, Trojan.Obfuscated.LA exits.

Currently, the program encounters an HTTP error (304 Not Modified) at the above URL.

This domain is associated with Trojan.Swizzor.
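
The two observable behaviours described above (the download request and the iexplorer.exe process) can be checked against endpoint and proxy telemetry. The following triage script is an added example, not BitDefender's code; the "host kind value" record layout, the host names and the hex value after fxp=9025 are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Indicators taken from the write-up above (URL de-fanged there as hxxp://).
C2_HOST = "upd.host-domain-look.com"
C2_PATH = "/upd/check"
C2_PARAMS = {"version", "fxp"}
PROC_NAME = "iexplorer.exe"

# Constructed sample telemetry; the "host kind value" layout is an assumption.
SAMPLE_EVENTS = """\
ws-014 http http://upd.host-domain-look.com/upd/check?version=0.1unk&fxp=9025aabbccdd
ws-014 proc C:\\Users\\Public\\iexplorer.exe
ws-022 http http://example.org/upd/check?version=2&fxp=1
ws-022 proc C:\\Program Files\\Internet Explorer\\iexplore.exe
ws-031 proc C:\\Windows\\Temp\\IEXPLORER.EXE
ws-040 http HXXP://UPD.HOST-DOMAIN-LOOK.COM/upd/check?fxp=9025ff&version=0.1unk
ws-040 http http://upd.host-domain-look.com/index.html
"""

def is_c2_request(url):
    """True if the URL matches the download request described on the page."""
    if url[:4].lower() == "hxxp":          # accept de-fanged URLs from reports
        url = "http" + url[4:]
    parts = urlsplit(url)
    return ((parts.hostname or "").lower() == C2_HOST
            and parts.path == C2_PATH
            and C2_PARAMS <= set(parse_qs(parts.query)))

def is_suspect_process(image_path):
    """True if the image file name is the process name the page reports."""
    return image_path.replace("/", "\\").rsplit("\\", 1)[-1].lower() == PROC_NAME

def triage(lines):
    """Return {host: verdict}; both indicators on one host rank highest."""
    seen = {}
    for line in lines:
        fields = line.split(None, 2)
        if len(fields) != 3:
            continue                        # skip malformed records
        host, kind, value = fields
        if kind == "http" and is_c2_request(value):
            seen.setdefault(host, set()).add("network")
        elif kind == "proc" and is_suspect_process(value):
            seen.setdefault(host, set()).add("process")
    return {h: "high" if len(s) == 2 else "medium" for h, s in seen.items()}

if __name__ == "__main__":
    for host, verdict in sorted(triage(SAMPLE_EVENTS.splitlines()).items()):
        print(host, verdict)
```

A host showing both the request and the process is ranked "high"; a host showing only one of them is ranked "medium" and needs a second look.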