Agent.BKY

Threat description

Details

CATEGORYMalware
TYPETrojan-Downloader, Worm
ORIGINChina

Summary

Agent.BKY is a worm and a trojan-downloader. It infects .HTML, .PHP and some other files with a small script that points to a website, hosting a file with the recently discovered (March/April 2007) ANI exploit.

The worm also spreads to remote and removable drives, modifies the HOSTS file and downloads more malicious files onto an infected computer. This malware is similar to the worm that we detect as Worm:W32/Anito.A.



Removal

Automatic action

Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.

More scanning & removal options

More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Our investigation revealed that this worm and trojan-downloader is similar to the one that we detect as Worm:W32/Anito.A and Worm.Win32.Diska.C.

More information on Anito.A worms can be found here: https://www.f-secure.com/v-descs/anito_a.shtml

Detection

Detection Type: PC

Database: 2007-03-31_01

Submit a Sample

Suspect a file or URL was wrongly detected?
Send it to our Labs for further analysis

Submit a Sample

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

More Info