MultiDropper-QI

This page shows the details and results of our analysis of the malware MultiDropper-QI.

Overview

This trojan drops malicious files on the user's machine without the user's knowledge.


Minimum DAT: 4723 (2006-03-21)
Updated DAT: 4723 (2006-03-21)
Minimum Engine: 5.1.00
File Length: 1593092 bytes
Description Added: 2006-03-21
Description Modified: 2006-07-02

Characteristics

Characteristics are as follows:

Drops malicious files that belong to the following categories:

  • MySearch
  • ProcKill-CK
  • Adware-MWS
  • Downloader-VA

Symptoms

Symptoms are as follows:

Presence of the following folders in %Program Files%:

  • comedy-planet
  • FreeRIP2
  • MyWay
  • MyWay\myBar
  • MyWay\myBar\1.bin
  • MyWay\myBar\Cache
  • MyWay\myBar\History
  • MyWay\SrchAstt
  • MyWay\SrchAstt\1.bin

Method of Infection

Installation:

File: Install.exe
Hash: ee4e83d4fcce8188e1f876d3110ab140

Upon execution, this trojan drops the following malicious files:

Adware-MWS

  • mypopswt.dll
  • mywaypluginproxy.class

Potentially unwanted Adware application.

Downloader-VA

  • msupd.exe

Downloader trojan designed to pull files from a remote website.

MySearch

  • npmyway.dll
  • mysrchas.dll
  • msupd.exe

MySearch is a search bar application that integrates with Internet Explorer.

ProcKill-CK

  • comedy-planet.exe
  • CPSetup.exe

Trojan intended to selectively terminate active processes such as monitoring tools and/or AV/security software.

Removal

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends that users not trust seemingly familiar or safe file icons, particularly when files are received via P2P clients, IRC, email or other media where users can share files.

 
