Trojan.Exploit.ANNZ

Spreading:	medium
Damage:	high
Size:	varies
Discovered:	2008 Oct 06

SYMPTOMS:

There are no obvious symptoms.

TECHNICAL DESCRIPTION:

You might remember the recent Trojan.Exploit.SSX , where a mechanism of infection trough exploits was described.

This threat acts the same as the mentioned one, except it tries to avoid detection by AV companies by adding an extra packer over its code. It's a known javascript packer which has the following format : eval(function(p,a,c,k,e,d){ [packed_code] }.

This time it downloads something different with the name "help.exe", which is detected as Backdoor.Generic.76302.

Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Daniel Chipiristeanu, virus researcher

Intelligence Report Archives

Virus Encyclopedia
Real-time Virus Reporting
Security rules
Naming Convention

Quick Links » New Game Safe » Renew License » Self Service » Free Online Scanner