Exploit.JS.Agent.F

( Exploit.JS.Agent.vj )

Spreading:	high
Damage:	medium
Size:	~2 kbytes
Discovered:	2008 Sep 17

SYMPTOMS:

Presence of a file named ~.exe in Content.IE5 folder
(eg. c:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 )

TECHNICAL DESCRIPTION:

This is an exploit for MS06-071 vulnerability in Microsoft XML Core Services. When executed, this script will download the file hxxp://????2w43iudeo38a.com/v382/getexe.exe?o=1&t=1221373836&i=1136370027&e=12, save it under ~.exe in Content.IE5 folder and then execute it. When this description was made the URL was not active.

Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Dana Stanut, virus researcher

Intelligence Report Archives

Virus Encyclopedia
Real-time Virus Reporting
Security rules
Naming Convention

Quick Links » New Game Safe » Renew License » Self Service » Free Online Scanner