1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Trojan-Downloader:JS/Agent.CTK

Name : Trojan-Downloader:JS/Agent.CTK
Detection Names : Trojan-Downloader:JS/Agent.CTK
Category:Malware
Type:Trojan-Downloader
Platform:JS

Summary

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Additional Details

This trojan uses Shockwave Flash Object (SWFObject) Java Script to view the following crafted SWF content on the browser page:

  •  http://jzm015.cn/[Removed]115.swf
  • http://jzm015.cn/[Removed]64.swf
  • http://jzm015.cn/[Removed]47.swf
  • http://jzm015.cn/[Removed]45.swf
  • http://jzm015.cn/[Removed]28.swf
  • http://jzm015.cn/[Removed]16.swf

All of the listed SWF files are detected as Exploit.SWF.Downloader.eh.

The purpose of the malicious flash file is to download additional malware.

Detection

F-Secure Anti-Virus detects this malware with the following updates:
[FSAV_Database_Version]
Version = 2008-08-06_01.