F-Secure Malware Information Pages: Agent.BKY

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Malware Information Pages: Agent.BKY

[Summary] \| [Detailed Description] \| [Detection]
Name :	Agent.BKY
Alias:	W32/Fujacks.aa, Trojan-Downloader:W32/Agent.BKY, W32.Fubalca, ANIWorm, Trojan-Downloader.Win32.Agent.bky
Type:	Trojan-Downloader, Worm
Category:	Malware
Platform:	W32
Origin:	CHINA

Radar Alert

Level 2

Summary

Agent.BKY is a worm and a trojan-downloader. It infects .HTML, .PHP and some other files with a small script that points to a website, hosting a file with the recently discovered (March/April 2007) ANI exploit.

The worm also spreads to remote and removable drives, modifies the HOSTS file and downloads more malicious files onto an infected computer. This malware is similar to the worm that we detect as Worm:W32/Anito.A.

Back to the Top

Detailed Description

Our investigation revealed that this worm and trojan-downloader is similar to the one that we detect as Worm:W32/Anito.A and Worm.Win32.Diska.C.

More information on Anito.A worms can be found here:
http://www.f-secure.com/v-descs/anito_a.shtml

Back to the Top

Detection

F-Secure Anti-Virus detects this malware with the following updates:

[FSAV_Database_Version]

Version = 2007-03-31_01.

Back to the Top

F-Secure Corporation

Last Modified: April 02, 2007