|
特 徴:
This file infector may be dropped by other malware. It may also be downloaded unknowingly by a user when visiting malicious Web sites.
It connects to IRC servers to receive and execute commands on the affected system. It then reads the URLs to download files detected as TROJ_DROPPER.JHD. This file infector then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
It hooks APIs so that when these APIs are called, the malware code is executed which will then infect files.
Infected files are detected as PE_VIRUX.F. It also infects script files. Infected script files are detected as HTML_IFRAME.APX. However, it does not infect files that meet certain criteria.
This file infector modifies the system's HOSTS file by inserting a string at the beginning of the file. It then returns execution to the HOST file's original code after execution.
このウイルスに関しては次の情報も参照してください。
対応方法
詳細
感染状況
情報公開日: 2009/04/07
ウイルスデータベース検索
このウイルス情報に関して. こちらのアンケートにお答えください。
|
