BitDefender Antivirus

Trojan.Exploit.ANPI

( Trojan-Downloader.JS.Agent.dak, Exploit:JS/Mult.AC, VBS/Spyme.HC )
Spreading: medium
Damage: low
Size: ~2-3KB
Discovered: 2008 Dec 02

SYMPTOMS:

This component has no obvious symptoms of its own. The behavior of the other malware components downloaded by this script can vary and can include any malware-related activity.

TECHNICAL DESCRIPTION:

This is a Visual Basic Script which uses simple obfuscation techniques to hide its purpose and evade signature-based detection engines. It is downloaded (while surfing the internet) from malicious websites or from legitimate websites that were infected, usually through SQL injection attacks. Its purpose is to exploit a vulnerability in Internet Explorer (the ADODB.Stream object) in order to download, save and then execute infected files from the internet.
This component is only one part of a complex infection mechanism which will download and install various trojan files on the unsuspecting user's computer.


Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Marius Vanta, virus researcher