Threat Description

Trojan-Downloader:​JS/Agent.D

Details

Aliases: Trojan-Downloader:​JS/Agent.D
Category: Malware
Type: Trojan-Downloader
Platform: JS

Summary



This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.



Removal



Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details



Trojan-Downloader:W32/Agent.D is typically found on certain malicious sites.When activated, it downloads an EXE file from a website and saves it into the root directory of the C: drive. The downloaded file is then run.

The trojan also drops a file named CMD.BAT into the root directory of the C: drive. This BAT file is used for cleanup purposes only: it deletes the trojan's file from the hard disk.

Note

Technically. Agent.D's executable file is an HTML Application (HTA file). This file type is normally run by the MSHTA.EXE application, a program that comes standard with Windows.

While it is running, Agent.Dhides its window from the user when it is running by resizing the window to a zero size and preventing it from being visible in the Taskbar.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

Learn More