TROJ_DROPPER.OX |
|
| BugsAlert Home > TROJ_DROPPER.OX | |
|
Upon execution, this Trojan shows the following error message:
It displays an icon similar to that of the Windows Media Player. Its malicious routine involves dropping .COM files that have same names as legitimate .EXE files, like CMD.EXE and REGEDIT.EXE (i.e. It drops files like CMD.COM and REGEDIT.COM). Since Windows executes .COM files first before .EXE files, the said file-dropping routine prevents the execution of applications, such as the Command Prompt, Registry Editor, Trace Route, and Network Status. In addition, this Trojan hides the Windows system folder and drops a malicious file into the said folder. Trend Micro detects the said file as WORM_RBOT.CNG. Original Source: http://feeds.trendmicro.com/~r/MalwareTop10/~3/179761145/default5.asp Learn more about TROJ_DROPPER.OX |
|
| Tags: troj dropper.ox | |
Related Items |
|
|
Debian: New roundup packages fix regression
|
|
|
Gentoo update for firebird
|
|
|
VirusResponse2009
|
|
|
Bugtraq: [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure
|
|
|
WORM_AUTORUN.AQV
|
|
|
FrSIRT - OpenCA Data Processing Cross Site Request Forgery Vulnerabilities
|
|
|
CVE-2008-1930 (WordPress)
|
|
