|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan-Downloader:JS/Agent.CTL

|
|
|
| Radar |
 |
|
|
|
Summary
|
| This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files. |
|
|
|
Additional Details
|
This trojan-downloader affects users browsing either a malicious website or a legitimate website which has been compromised. The malware uses Shockwave SWFObject (SWF) Java Script to forcibly run the following crafted SWF content on the browser page:
http://jzm015.cn/[...]115.swf http://jzm015.cn/[...]64.swf http://jzm015.cn/[...]47.swf http://jzm015.cn/[...]45.swf http://jzm015.cn/[...]28.swf http://jzm015.cn/[...]16.swf
Running any of these content files triggers the download and execution of a malware file detected as Exploit.SWF.Downloader.eh. |
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: September 05, 2008
|
|
|
|
|