F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.ANI

Main Index

Security Guide

F-Secure World Map

Security Alerts

Virus Statistics

Malware Removal Tools

Malware Code Glossary

Submit Malware Sample

Select local site

Main Index » Security Centre » Descriptions

F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.ANI

[Summary] \| [Detailed Description]
Name :	Trojan-Downloader:JS/Agent.ANI
Alias:	Trojan-Downloader.JS.Agent.ani
Type:	Trojan-Downloader
Category:	Malware
Platform:	JS

Radar

Summary

Trojan-Downloader:JS/Agent.ANI exploits a vulnerability in a PPStream ActiveX control to download and execute arbitrary code on the exploited system.

Back to the Top

Detailed Description

Trojan-Downloader:JS/Agent.ANI exploits a buffer overflow vulnerability in the PowerPlayer.dll ActiveX control in PPStream versions 2.0.1.3829.

It injects a shellcode that downloads and executes arbitrary files.

The downloaded file is saved to the following location:

C:\c.exe

The vulnerability is referenced as CVE candidate CVE-2007-4748.

Back to the Top

F-Secure Corporation

Last Modified: April 29, 2008