TROJ_PPDROP.K |
|
| BugsAlert Home > TROJ_PPDROP.K | |
|
This Trojan arrives on a system as a .PPS/.PPT file that is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites. Upon execution, it dropsseveral files, some of which are detected as BKDR_AGENT.ADGS. A dropped .TMP file is then injected into a running process to remain memory resident. As a result, routines of the dropped file are also exhibited on the affected system. To automate execution of the dropped malicious file, it also adds a registry entry. It takes advantage of the following software vulnerability to drop and execute the said component file: The said vulnerability in Microsoft Office may allow a remote user to use a malformed routing slip to execute malicious codes on the affected system. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_PPDROP.K Learn more about TROJ_PPDROP.K |
|
| Tags: troj ppdrop.k | |
Related Items |
|
|
FrSIRT - Avaya VP and AES LibTIFF Buffer Underflow Vulnerability
|
|
|
CVE-2008-0699 (DB2)
|
|
|
rPath update for ruby
|
|
|
wyrd Insecure Temporary File
|
|
|
MediaWiki JSON Callback Information Disclosure
|
|
|
FrSIRT - EasyPublish SQL Injection and Cross Site Scripting Vulnerabilities
|
|
|
Multiple vulnerabilities in libnemesi 0.6.4-rc1
|
|
