Trojan-Downloader:W32/Small.EJK

Classification

Malware

Trojan-Downloader

W32

Trojan-Downloader:W32/Small.EJK

Summary

Small.EJK is a trojan-downloader that is included in a spam run in Germany.

Removal

Automatic action

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

Small.EJK is a trojan-downloader that is included in a spam run in Germany.A sample mail is as follows:

Upon execution, it downloads a trojan-spy from a remote addresses on the web using the following script:

  • http://81.95.147.138/[REMOVED]/get_exe.php
  • http://marketing-know-how.com/[REMOVED]/get_exe.php
  • http://tncmhg.com/images/[REMOVED]/get_exe.php
  • http://www.eurowing.us/[REMOVED]/get_exe.php
  • http://www.thaitradeshow.com/images/[REMOVED]/get_exe.php

An earlier version of the downloaded trojan was detected as Trojan-Spy.Win32.BZub.IJ. This was later changed/modified most probably by the author(s). The updated copy is now detected as Trojan-Spy:W32/BZub.IK.

Date Created: -

Date Last Modified: -