Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Trojan-Downloader:W32/Small.EKV


Discovered:
Aliases:


March 29, 2007
Trojan-Downloader:W32/Small.EKV

Malware
Trojan-Downloader
W32

Summary

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details

Trojan-Downloader:W32/Small.EKV attempts to download and install other malware to the system. Small.EKV arrives on the system as a downloaded file of Exploit:W32/Ani.C.


Execution

Upon execution, it launches Internet Explorer by using the following hard-coded path:

  • C:\program files\Internet Explorer\Iexplore.exe

It then injects the code to Internet Explorer and proceeds to download and execute another file from the following site:

  • http://220.71.76.189/[REMOVED].exe

The site listed above is currently inaccessible as of the time of this writing.

Detection

F-Secure Anti-Virus detects this malware with the following updates:

Detection Type: PC
Database: 2007-03-29_10







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Scan and clean your PC




F-Secure Online Scanner will scan and clean your PC in just a few minutes for free