|
|
|  |
|
|
|
|
F-Secure Malware Information Pages: Trojan-Downloader:W32/Small.EJK

|
|
|
| Radar |
 |
|
|
|
Summary
|
| Small.EJK is a trojan-downloader that is included in a spam run in Germany. |
|
|
|
Detailed Description
|
Small.EJK is a trojan-downloader that is included in a spam run in Germany.
A sample mail is as follows:

Upon execution, it downloads a trojan-spy from a remote addresses on the web using the following script:
- http://81.95.147.138/[REMOVED]/get_exe.php
- http://marketing-know-how.com/[REMOVED]/get_exe.php
- http://tncmhg.com/images/[REMOVED]/get_exe.php
- http://www.eurowing.us/[REMOVED]/get_exe.php
- http://www.thaitradeshow.com/images/[REMOVED]/get_exe.php
An earlier version of the downloaded trojan was detected as Trojan-Spy.Win32.BZub.IJ. This was later changed/modified most probably by the author(s). The updated copy is now detected as Trojan-Spy:W32/BZub.IK. |
|
|
|
F-Secure Corporation |
|
|
|
|
|
Last Modified: March 23, 2007
|
|
|
|
|