Select local site

| Japanese | Simplified Chinese | Traditional Chinese (Hong Kong) | Traditional Chinese (Taiwan)

F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.CTL
[Summary] | [Additional Details]

Name : Trojan-Downloader:JS/Agent.CTL
Detection Names : Trojan-Downloader:JSAgent.CTL
Type:Trojan-Downloader
Category:Malware
Platform:JS
Radar

Summary
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Back to the Top

Additional Details
This trojan-downloader affects users browsing either a malicious website or a legitimate website which has been compromised. The malware uses Shockwave SWFObject (SWF) Java Script to forcibly run the following crafted SWF content on the browser page:


http://jzm015.cn/[...]115.swf
http://jzm015.cn/[...]64.swf
http://jzm015.cn/[...]47.swf
http://jzm015.cn/[...]45.swf
http://jzm015.cn/[...]28.swf
http://jzm015.cn/[...]16.swf


Running any of these content files triggers the download and execution of a malware file detected as Exploit.SWF.Downloader.eh.
Back to the Top



F-Secure Corporation

Last Modified: September 05, 2008