Trojan.Exploit.ANOI
LOW
MEDIUM
approx. 1.5 kb
(JS_AGENT.ARVC, JS/Downloader.gen, Trojan.Exploit.SSX, Downloader.Agent.ku, JS/Downloader.Agent)
Symptoms
There are no obvious signs until the attacker manages to infiltrate the system (the final downloaded malware varies).
Removal instructions:
Prevention is always better: keep the antivirus updated, as well as any application that you might use (Flash Player).
Please let BitDefender disinfect your files.
Analyzed By
Daniel Chipiristeanu, virus researcher
Technical Description:
This piece of malware consists of a script written in JavaScript that belongs to a chain of "web-based threats" which use numerous exploits to attack unsuspecting users. The basic mechanism of this kind of threat is described here: Trojan.Exploit.SSX.

The script uses a deconcept SWFObject to find out the version of Flash Player. It exploits different versions of Flash Player 9, and it performs this version check in order to decide which exploited SWF file to give to the client for the vulnerable versions. The SWF exploit is detected as Exploit.SWF.Gen and downloads another malware depending on the infected website.
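A triage heuristic for the behaviour described above, as an added example that is not BitDefender's detection logic or part of the original write-up: it flags a script that reads the Flash Player version through SWFObject, branches on a version component, and refers to more than one SWF file. The function name `assess_script`, both sample scripts, the `example.invalid` URLs and the revision numbers are constructed for illustration.

```python
import re

# SWFObject 1.x exposes the installed player version through this call.
VERSION_PROBE = re.compile(r"\bgetPlayerVersion\s*\(")
# A comparison against one component of the returned version object.
VERSION_BRANCH = re.compile(r"\.(?:major|minor|rev)\s*(?:[<>]=?|[=!]==?)\s*\d+")
# Any quoted reference to a .swf file, with an optional query string.
SWF_REF = re.compile(r"""["']([^"']+\.swf)(?:\?[^"']*)?["']""", re.IGNORECASE)


def assess_script(script):
    """Return the indicators found in one script and a heuristic verdict."""
    probes_version = bool(VERSION_PROBE.search(script))
    branch_count = len(VERSION_BRANCH.findall(script))
    swf_files = sorted({m.lower() for m in SWF_REF.findall(script)})
    # An ordinary embed names one movie and a minimum version. Probing the
    # version and then choosing among several movies is what gets flagged.
    suspicious = probes_version and branch_count >= 1 and len(swf_files) >= 2
    return {
        "probes_version": probes_version,
        "version_branches": branch_count,
        "swf_files": swf_files,
        "suspicious": suspicious,
    }


# Constructed sample: per-version SWF selection (placeholder files, no payload).
SAMPLE_DISPATCH = """
var v = deconcept.SWFObjectUtil.getPlayerVersion();
var f = null;
if (v.major == 9 && v.rev == 115) { f = "http://example.invalid/a.swf"; }
else if (v.major == 9 && v.rev == 47) { f = "http://example.invalid/b.swf"; }
if (f) { new SWFObject(f, "x", "1", "1", "9").write("c"); }
"""

# Constructed sample: an ordinary single-movie embed.
SAMPLE_EMBED = """
var so = new SWFObject("player.swf", "player", "640", "360", "9");
so.write("container");
"""

if __name__ == "__main__":
    for name, text in (("dispatch", SAMPLE_DISPATCH), ("embed", SAMPLE_EMBED)):
        print(name, assess_script(text))
```

Obfuscated scripts must be decoded before this check is meaningful, and a hit is a lead for manual review rather than a verdict.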