Threat Descriptons



Category :


Type :


Aliases :



Java/Binny.A is a Java applet trojan that uses vulnerability in SUN Java Runtime to gain full access to system and drops TrojanDownloader.Win32.Small.VQ.


Upgrade your Java Runtime by installing J2SE v 1.4.2_05 JRE from

1. Open Control panel and click Java Plug-in icon

2. Select 'cache' tab and click 'clear' button

3. Scan your hard-drives for any additional trojans and other malware

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

Binny.A infects system through Java web browser plug-in, when a web browser visits a malicious web page that contains reference to trojan file.

Binny.A is otherwise quite similar to any other Java Applet trojans, except that it uses vulnerability in Sun Java Runtime, not Microsoft Runtime like other similar trojans do.

If you have Java Runtime that is older than 1.41_04 please upgrade it.

Sun Advisory about the Java Runtime vulnerability:

As Binny.A uses Sun Java Runtime, it affects all web browsers not just Internet Explorer. At least Mozilla, Mozilla Firefox and Opera are affeted when user browses web with Java enabled and using unpatched Java runtime.

Installation to system

Java/Binny.A is downloaded to system through malicious web page that has the Java Applet in applet or object tag. When web browser has downloaded the Binny.A it gives it to Sun Java Runtime for execution.

When Sun Java Runtime tries to execute the Binny.A uses tries to use vulnerability to escalate it's privileges so that it can create files and execute them.

If the Java Runtime is vulnerable the Binny.A drops TrojanDownloader.Win32.Small.VQ and executes it.

Spreading in

Malicious web pages that use the Binny.A trojan to attack users web browser and Java runtime.


When executed Binny.A drops TrojanDownloader.Win32.Small.VQ

More Support


Ask questions in our Community .

User Guides

Check the user guide for instructions.

Contact Support

Chat with or call an expert.

Submit a Sample

Submit a file or URL for analysis.