Jul23
12:39 pm (UTC-7)   |   by Jasper Pimentel (Advanced Threats Researcher)

We’ve just received new samples of a Trojan downloader recently
(MD5 hash: c45802f78f5355e50b954cf797335784)
and a pattern is currently in the works to detect them.


Initial analysis shows that this Trojan connects to a predefined URL and downloads a malicious file. It may be received as an email attachment with the filename
DC001.JPG_______________________________JPG.EXE.

The filename and icon are constructed to trick users into opening it, under the assumption that it is an JPEG picture file.


This new sample is detected as TROJ_DLOADER.DHX. Its detection is available since CPR 3.574.02.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Sunday, July 23rd, 2006 at 12:39 pm and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



Comments are closed.


Malware Poses as Microsoft Update
Possible PPT 0day Used In Targeted Attack


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice