My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Trojan.Exploit.ANPI

MEDIUM
LOW
~2-3KB
(Trojan-Downloader.JS.Agent.dak, Exploit:JS/Mult.AC, VBS/Spyme.HC)

Symptoms

There are no obvious symptoms related to this very component and the behavior of the other malware components downloaded by this script can vary (can include any malware-related activities).

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Marius Vanta, virus researcher

Technical Description:

This is a Visual Basic Script which uses simple obfuscation techniques to hide it's purpose and evade signatures based detection engines. It is downloaded (while surfing the internet) from malicious websites or some legitimate websites which were usually infected through SQL Injection attacks. It's purpose is to exploit a vulnerability in Internet Explorer (the ADODB.Stream object) in order to download, save and then execute infected files from the internet.
This component is only a part of a complex infection mechanism which will download and install various trojan files to the unaware user's computer.