Threat Description

Trojan-Downloader:​W32/Small.EKV

Details

Aliases:Trojan-Downloader:​W32/Small.EKV
Category:Malware
Type:Trojan-Downloader
Platform:W32

Summary



This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More

You may wish to refer to the Support Community for further assistance. You may also refer to General Removal Instructions for a general guide on alternative disinfection actions.



Technical Details



Trojan-Downloader:W32/Small.EKV attempts to download and install other malware to the system. Small.EKV arrives on the system as a downloaded file of Exploit:W32/Ani.C.

Execution

Upon execution, it launches Internet Explorer by using the following hard-coded path:

  • C:\program files\Internet Explorer\Iexplore.exe

It then injects the code to Internet Explorer and proceeds to download and execute another file from the following site:

  • http://220.71.76.189/[REMOVED].exe

The site listed above is currently inaccessible as of the time of this writing.

Detection


F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
Database: 2007-03-29_10






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

Learn More