Threat Description

Trojan-Downloader:​W32/Small.EKV

Details

Aliases: Trojan-Downloader:​W32/Small.EKV
Category: Malware
Type: Trojan-Downloader
Platform: W32

Summary



This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.



Removal



Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details



Trojan-Downloader:W32/Small.EKV attempts to download and install other malware to the system. Small.EKV arrives on the system as a downloaded file of Exploit:W32/Ani.C.

Execution

Upon execution, it launches Internet Explorer by using the following hard-coded path:

  • C:\program files\Internet Explorer\Iexplore.exe

It then injects the code to Internet Explorer and proceeds to download and execute another file from the following site:

  • http://220.71.76.189/[REMOVED].exe

The site listed above is currently inaccessible as of the time of this writing.

Detection


F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
Database: 2007-03-29_10






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

Learn More