(JS_AGENT.ARVC, JS/Downloader.gen, Trojan.Exploit.SSX, Downloader.Agent.ku, JS/Downloader.Agent)


There are no obvious signs until the attacker manages to infiltrate the system (the final downloaded malware varies).

Removal instructions:

Prevention is always better: keep your antivirus updated, as well as any applications that you might use (Flash Player).
Please let BitDefender disinfect your files.

Analyzed By

Daniel Chipiristeanu, virus researcher

Technical Description:

This piece of malware consists of a script written in JavaScript that belongs to a chain of "web-based threats" which use numerous exploits to attack unaware users. The basic mechanism of this kind of threat is described here: Trojan.Exploit.SSX.

The script uses a deconcept SWFObject to find out the installed version of Flash Player. It targets different versions of Flash Player 9, and the version check determines which exploit SWF file is served to a client running a vulnerable version. The SWF exploit is detected as Exploit.SWF.Gen and downloads further malware, which depends on the infected website.
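
The version-gated behaviour described above can be triaged statically. The following is an added example, not BitDefender's detection logic: a heuristic that flags a script only when it probes the player version through deconcept SWFObject, branches on a version component, and references more than one SWF file. The sample scripts, file names, revision numbers and the `showUpgradeNotice` helper are constructed placeholders.

```javascript
// Added triage heuristic (not BitDefender's signature logic).
const INDICATORS = [
  // deconcept SWFObject 1.x helper that returns the installed player version
  { id: "swfobject-version-probe",
    re: /deconcept\.SWFObjectUtil\.getPlayerVersion\s*\(/ },
  // a branch on one component of that version object
  { id: "version-branch",
    re: /\.(major|minor|rev)\s*(===?|[<>]=?)\s*\d+/ },
];

// Collect the distinct .swf paths that appear as string literals.
function distinctSwfUrls(source) {
  const urls = new Set();
  for (const m of source.matchAll(/["']([^"']+\.swf)(?:\?[^"']*)?["']/gi)) {
    urls.add(m[1].toLowerCase());
  }
  return [...urls].sort();
}

// A script is flagged only when all three behaviours occur together.
function triageScript(source) {
  const hits = INDICATORS.filter((i) => i.re.test(source)).map((i) => i.id);
  const swfs = distinctSwfUrls(source);
  if (swfs.length >= 2) hits.push("multiple-swf-targets");
  return { hits, swfs, suspicious: hits.length === 3 };
}

// Constructed samples (file names and revision numbers are placeholders).
const SAMPLE_EMBED = `
  var so = new deconcept.SWFObject("player.swf", "p", "400", "300", "9", "#fff");
  so.write("container");`;
const SAMPLE_UPGRADE_NOTICE = `
  var v = deconcept.SWFObjectUtil.getPlayerVersion();
  if (v.major < 9) { showUpgradeNotice(); }
  else { new deconcept.SWFObject("player.swf", "p", "400", "300", "9").write("c"); }`;
const SAMPLE_VERSION_GATED = `
  var v = deconcept.SWFObjectUtil.getPlayerVersion(), f;
  if (v.major == 9 && v.rev == 1) f = "sample_a.swf";
  else if (v.major == 9 && v.rev == 2) f = "sample_b.swf";`;

const SAMPLES = { SAMPLE_EMBED, SAMPLE_UPGRADE_NOTICE, SAMPLE_VERSION_GATED };
for (const [name, src] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(triageScript(src)));
}
```

The heuristic only sees plain-text source, so packed or encoded scripts have to be unpacked before they are scanned.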