1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Threats
  3. Virus and threat descriptions
  4. Trojan-Dropper:OSX/Revir.B

Trojan-Dropper:OSX/Revir.B

Detection Names : Trojan-Dropper:OSX/Revir.B
Category:Malware
Type:Trojan-Dropper
Platform:OSX

Summary

Trojan-Dropper:OSX/Revir.B drops and executes a backdoor program detected as Backdoor:OSX/Imuler.A, while camouflaging its activity by opening a JPG file to distract the user.

Disinfection

Automatic

Allow F-Secure Anti-Virus for Mac to remove the relevant files.

Additional Details

Trojan-Dropper:OSX/Revir.B drops a JPG file in the /tmp folder, then opens it to distract the user from noticing any other ongoing activity.

Screenshot of a JPG file dropped by Trojan-Dropper:OSX/Revir.B.

Note that the JPG file in the screenshot above uses the name 'trojan.jpg'. The JPG file will actually use the same name as the trojan-dropper's binary file.


Activity

In the background, the malware will drop and execute a backdoor program (detected as Backdoor:OSX/Imuler.A):

  • /tmp/host