F-Secure
Tools
Trojan-Downloader:JS/Agent.ANI
| Name : | Trojan-Downloader:JS/Agent.ANI |
| Category: | Malware |
| Type: | Trojan-Downloader |
| Platform: | JS |
Summary
Trojan-Downloader:JS/Agent.ANI exploits a vulnerability in a PPStream ActiveX control to download and execute arbitrary code on the exploited system.
Additional Details
Trojan-Downloader:JS/Agent.ANI exploits a buffer overflow vulnerability in the PowerPlayer.dll ActiveX control in PPStream versions 2.0.1.3829.
It injects a shellcode that downloads and executes arbitrary files.
The downloaded file is saved to the following location:
The vulnerability is referenced as CVE candidate CVE-2007-4748.
It injects a shellcode that downloads and executes arbitrary files.
The downloaded file is saved to the following location:
• C:\c.exe
The vulnerability is referenced as CVE candidate CVE-2007-4748.