My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Exploit.JS.Agent.F

HIGH
MEDIUM
~2 kbytes
(Exploit.JS.Agent.vj)

Symptoms

Presence of a file named ~.exe in Content.IE5 folder
(eg. c:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 )

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Dana Stanut, virus researcher

Technical Description:

This is an exploit for MS06-071 vulnerability in Microsoft XML Core Services. When executed, this script will download the file hxxp://????2w43iudeo38a.com/v382/getexe.exe?o=1&t=1221373836&i=1136370027&e=12, save it under ~.exe in Content.IE5 folder and then execute it. When this description was made the URL was not active.