1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Virus Descriptions
  6. Trojan-Downloader:W32/Agent.BUV

Trojan-Downloader:W32/Agent.BUV

Name : Trojan-Downloader:W32/Agent.BUV
Size:13077
Category:Malware
Type:Trojan-Downloader
Platform:W32

Summary

Trojan-Downloader:W32/Agent.BUV downloads malicious files from a remote server.

It then executes and installs the downloaded files.

Additional Details

Upon execution, this malware creates a copy of itself at the following location:

  •  %windir%\system\internat.exe

It then creates a BAT file that will be used to delete the original file executed by user.

It will then create the following processes:

  •  %windir%\system\internat.exe
  •  %programfiles%\Internet Explorer\IEXPLORE.EXE

The file called internat.exe is the malware's own process.

It attempts to download additional files from the following URLs:

  •  http://www.smsunionmm.com/107/tj.htm
  •  http://www.smsunionmm.com/107/tj10.htm

Note: The URLs were offline during our period of investigation.