Threat Description

Agent.BKY

Details

Aliases: Agent.BKY
Category: Malware
Type: Trojan-Downloader, Worm
Platform: W32

Summary



Agent.BKY is a worm and a trojan-downloader. It infects .HTML, .PHP and some other files with a small script that points to a website, hosting a file with the recently discovered (March/April 2007) ANI exploit.

The worm also spreads to remote and removable drives, modifies the HOSTS file and downloads more malicious files onto an infected computer. This malware is similar to the worm that we detect as Worm:W32/Anito.A.



Removal



Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details



Our investigation revealed that this worm and trojan-downloader is similar to the one that we detect as Worm:W32/Anito.A and Worm.Win32.Diska.C.

More information on Anito.A worms can be found here: http://www.f-secure.com/v-descs/anito_a.shtml



Detection



Detection Type: PC
Database: 2007-03-31_01




SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More