TROJ_MDROP.AH
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview

This Trojan arrives as an attachment to email messages spammed by other malware or by a malicious user. It may also be dropped by other malware, or downloaded unknowingly by a user visiting malicious Web sites. It takes advantage of a known vulnerability in Microsoft Excel that allows remote code execution. More information on the said vulnerability is available here. Once it successfully exploits the vulnerability, it executes shellcode that allows it to drop any of several embedded files on the affected system, including BKDR_AGENT.SNI, BKDR_PCCLIEN.AAA, TROJ_SMALL.DCJ, and BKDR_PCCLIEN.AJT. It then executes the dropped file(s). As a result, the malicious routines of the dropped files are exhibited on the affected system.

Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_MDROP.AH