Home > Threat descriptions >

MultiDropper-LA

Classification

Category: Malware

Type: -

Aliases: MultiDropper-LA, Neblso.A, W32/MultiDropper-LA

Summary


Files detected as MultiDropper-LA drop already detected worms into the system's temporary files folder and execute them.

Removal


We have received four samples which, upon being executed, will drop two files into the system's temporary files folder. The dropped files are old malware, already detected by F-Secure Anti-Virus.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


All the variants we received drop two files. We now provide their filenames and current detection results.

  • %Temp%/document.txt .exe Infected: W32/NetSky.P@mm
  • %Temp%/your_details.exe Infected: I-Worm.Sobig.f
  • %Temp%/document.txt .exe Infected: W32/NetSky.P@mm
  • %Temp%/msblast.exe Infected: Worm.Win32.Lovesan.a
  • %Temp%/document.txt.jpg Infected: W32/NetSky.P@mm
  • %Temp%/msbLAST.EXE-1C3A3376.pf.exe Not an executable
  • %Temp%/your_details.exe Infected: I-Worm.Sobig.f
  • %Temp%/msblast.exe Infected: Worm.Win32.Lovesan.a

Afterwards those files are run, triggering all the known effects produced by those worms.