BitDefender Antivirus

Trojan.Obfuscated.LA

( Trojan.Win32.Obfuscated.ddk, TR/Obfuscated.ddk )
Spreading: low
Damage: low
Size: ~300 kB
Discovered: 2008 Jun 29

SYMPTOMS:

Symptoms are not easily visible to the user.

An instance of iexplorer.exe can be seen in Task Manager, but only for a short period of time. This instance is not associated with any Internet Explorer windows.

TECHNICAL DESCRIPTION:

Trojan.Obfuscated.LA is a trojan downloader. It tries to download a file from:

hxxp://upd.host-domain-look.com/upd/check?version=0.1unk&fxp=9025<hex chars>

To avoid detection by the firewall, the program injects part of its code into a new process (iexplorer.exe) that it previously created. After the new malware is downloaded and executed, Trojan.Obfuscated.LA exits.

Currently, the program encounters an HTTP error (304 Not Modified) at the above URL.

This domain is associated with Trojan.Swizzor.
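For defenders hunting this behaviour in telemetry, the following added example (not BitDefender's code) correlates a short-lived iexplorer.exe process with a request matching the download URL pattern from the same machine. The log formats, host names, PIDs, file paths, the fxp value and the 60-second lifetime threshold are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Indicators as given in the description; MAX_LIFETIME is an assumed threshold
# for "a short period of time".
IMAGE, DL_HOST, DL_PATH = "iexplorer.exe", "upd.host-domain-look.com", "/upd/check"
MAX_LIFETIME = timedelta(seconds=60)

# Constructed sample telemetry (not real logs): time host event pid image
PROCESS_LOG = """\
2008-06-29T10:00:01 WS01 start 1204 C:\\Program Files\\Internet Explorer\\iexplore.exe
2008-06-29T10:02:10 WS02 start 3312 C:\\Temp\\iexplorer.exe
2008-06-29T10:02:14 WS02 stop 3312 C:\\Temp\\iexplorer.exe
2008-06-29T10:30:00 WS01 stop 1204 C:\\Program Files\\Internet Explorer\\iexplore.exe"""
# Constructed proxy log: time client host request-target (fxp value is made up)
PROXY_LOG = """\
2008-06-29T10:02:12 WS02 upd.host-domain-look.com /upd/check?version=0.1unk&fxp=9025ab12
2008-06-29T10:05:00 WS01 example.com /index.html"""

def short_lived(process_log):
    """Map (host, pid) -> (start, stop) for iexplorer.exe runs under MAX_LIFETIME."""
    starts, hits = {}, {}
    for line in process_log.splitlines():
        ts, host, event, pid, image = line.split(None, 4)
        if image.rsplit("\\", 1)[-1].lower() != IMAGE:
            continue
        when = datetime.fromisoformat(ts)
        if event == "start":
            starts[host, pid] = when
        elif (host, pid) in starts and when - starts[host, pid] <= MAX_LIFETIME:
            hits[host, pid] = (starts[host, pid], when)
    return hits

def downloader_requests(proxy_log):
    """Return (client, time) for requests matching the download URL pattern."""
    out = []
    for line in proxy_log.splitlines():
        ts, client, host, target = line.split(None, 3)
        url = urlsplit(target)
        if (host.lower() == DL_HOST and url.path == DL_PATH
                and {"version", "fxp"} <= set(parse_qs(url.query))):
            out.append((client, datetime.fromisoformat(ts)))
    return out

def correlate(process_log, proxy_log):
    """(host, pid) pairs whose short-lived run contains a matching request."""
    runs = short_lived(process_log)
    return sorted({(h, pid) for c, t in downloader_requests(proxy_log)
                   for (h, pid), (a, b) in runs.items() if h == c and a <= t <= b})
```

Calling correlate(PROCESS_LOG, PROXY_LOG) on the constructed logs flags only WS02, PID 3312; the normal iexplore.exe session on WS01 is ignored.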

REMOVAL INSTRUCTIONS:

Please let BitDefender disinfect your files.

ANALYZED BY:

Andrei DAMIAN-FEKETE, virus researcher