|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.CTK

|
|
|
| Radar |
 |
|
|
|
Summary
|
| This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files. |
|
|
|
Additional Details
|
This trojan uses Shockwave Flash Object (SWFObject) Java Script to view the following crafted SWF content on the browser page:
- http://jzm015.cn/[Removed]115.swf
- http://jzm015.cn/[Removed]64.swf
- http://jzm015.cn/[Removed]47.swf
- http://jzm015.cn/[Removed]45.swf
- http://jzm015.cn/[Removed]28.swf
- http://jzm015.cn/[Removed]16.swf
All of the listed SWF files are detected as Exploit.SWF.Downloader.eh.
The purpose of the malicious flash file is to download additional malware. |
|
|
|
Detection
|
F-Secure Anti-Virus detects this malware with the following updates: [FSAV_Database_Version] Version = 2008-08-06_01.
|
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: September 04, 2008
|
|
|
|
|