Trojan.Exploit.ANPI
MEDIUM
LOW
~2-3KB
(Trojan-Downloader.JS.Agent.dak, Exploit:JS/Mult.AC, VBS/Spyme.HC)
Symptoms
There are no obvious symptoms related to this very component and the behavior of the other malware components downloaded by this script can vary (can include any malware-related activities).
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Marius Vanta, virus researcher
Technical Description:
This is a Visual Basic Script which uses simple obfuscation techniques to hide it's purpose and evade signatures based detection engines. It is downloaded (while surfing the internet) from malicious websites or some legitimate websites which were usually infected through SQL Injection attacks. It's purpose is to exploit a vulnerability in Internet Explorer (the ADODB.Stream object) in order to download, save and then execute infected files from the internet.
This component is only a part of a
complex infection mechanism which will download and install various trojan files to the unaware user's computer.
SHARE
THIS ON