1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Trojan-Downloader:JS/Agent.CTL

Name : Trojan-Downloader:JS/Agent.CTL
Detection Names : Trojan-Downloader:JSAgent.CTL
Category:Malware
Type:Trojan-Downloader
Platform:JS

Summary

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Additional Details

This trojan-downloader affects users browsing either a malicious website or a legitimate website which has been compromised. The malware uses Shockwave SWFObject (SWF) Java Script to forcibly run the following crafted SWF content on the browser page:


http://jzm015.cn/[...]115.swf
http://jzm015.cn/[...]64.swf
http://jzm015.cn/[...]47.swf
http://jzm015.cn/[...]45.swf
http://jzm015.cn/[...]28.swf
http://jzm015.cn/[...]16.swf


Running any of these content files triggers the download and execution of a malware file detected as Exploit.SWF.Downloader.eh.