Java/Binny.A is a Java applet trojan that uses vulnerability
in SUN Java Runtime to gain full access to system and
drops TrojanDownloader.Win32.Small.VQ.
Binny.A infects system through Java web browser plug-in,
when a web browser visits a malicious web page that contains
reference to trojan file.
Binny.A is otherwise quite similar to any other Java Applet
trojans, except that it uses vulnerability in Sun Java Runtime,
not Microsoft Runtime like other similar trojans do.
If you have Java Runtime that is older than 1.41_04 please upgrade
it.
Sun Advisory about the Java Runtime vulnerability:
As Binny.A uses Sun Java Runtime, it affects all web browsers not
just Internet Explorer. At least Mozilla, Mozilla Firefox and
Opera are affeted when user browses web with Java enabled and
using unpatched Java runtime.
Java/Binny.A is downloaded to system through malicious web page that
has the Java Applet in applet or object tag. When web browser has
downloaded the Binny.A it gives it to Sun Java Runtime for execution.
When Sun Java Runtime tries to execute the Binny.A uses tries to use
vulnerability to escalate it's privileges so that it can create files
and execute them.
If the Java Runtime is vulnerable the Binny.A drops
TrojanDownloader.Win32.Small.VQ and executes it.
Spreading in
Malicious web pages that use the Binny.A trojan to attack users web browser
and Java runtime.
Payload
When executed Binny.A drops TrojanDownloader.Win32.Small.VQ
