This downloader Trojan is compact, with a file size of 7,680 bytes. It is coded to connect to four different web sites in an attempt to download a binary program named "silent_install.exe".
The file downloaded is identified by current AV db as "AdClicker.BA-dr".
This Trojan attempts to connect with the following domains in order to dowload the binary -
- check the main screen using the web interface to
ensure the latest AV/NIDS database has been downloaded
and installed -- if required, enable the "Allow
Push Update" option