1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Threats
  3. Virus and threat descriptions
  4. Fox

Fox

Name:FoxJS/Fox, Trojan.JS.Wipe
Category:Trojan
Platform:JS

Summary

This is a simple script trojan that attempt to delete files when executed.

Additional Details

Summary

Fox is a simple trojan that attempts to exploit a vulnerability in Internet Explorer to execute. When executed the trojan attempts to delete critical system files, for example:
  • C:\WINDOWS\SYSTEM.INI
  • C:\WINDOWS\WIN.INI
  • C:\WINDOWS\COMMAND.COM
  • C:\COMMAND.COM
The vulnerability that the trojan exploits is known as scriptlet.typelib Vulnerability (MS99-032/CVE-1999-0668). Further details, including a fix, is available from Microsoft:

http://www.microsoft.com/technet/Security/Bulletin/MS99-032.mspx





Write-up: Sami Rautiainen