| Alias/es | Trojan-Downloader.JS.Pegel.bc (KAV), JS_REDIRECTOR.CH (Trend), JS/Downloader.gen trojan (McAfee) |
| Release Date | Jun 10, 2010 |
| Detection Availability | Current Antivirus Definition Database Version: 12.309 |
| Description | Visible Symptoms
- This malware tries to access a URL from a remote location. There may be no visible symptoms.
Detailed Analysis
- This detection is for obfuscated JavaScript code that tries to access a URL from a remote location.
- It may be received as an attachment from a SPAM email. An example of the email is the following:
  - From: varies. Examples are the following:
    - microsoft outlook support [cynicallytv@researchresponse.com]
    - microsoft outlook support [lessonsso5@rotinconcept.com]
    - hksunlogistics.com support [admin@hksunlogistics.com]
  - To: recipient of the SPAM email.
  - Subject: varies. Examples are the following:
    - Outlook Setup Notification
    - hksunlogistics.com account notification
  - Body: varies. Examples are the following:

    You have (8) messages from Microsoft Outlook.
    Please re-configure your Microsoft Outlook again.
    Download attached setup file and install.

    Dear Customer,
    This e-mail was send by hksunlogistics.com to notify you that we have temporanly prevented access to your account.
    We have reasons to beleive that your account may have been accessed by someone else. Please run attached file and Follow instructions.
    (C) hksunlogistics.com

  - Attachment: open.html
- The URL that it tries to access is the following:
  - http://[Removed].com/images/z.htm
As of this writing, the above web site redirects the browser to another website that shows advertisements for various pills/drugs.
|
Description Last Updated Date: Jun 15, 2010
Reference: ID - 1857282
|