Overview
This is a multidropper which is intended to drop and execute trojan downloader and worm on the target machine.
|
Minimum DAT
4739 (2006-04-12) Updated DAT4739 (2006-04-12) |
Minimum Engine
5.1.00 File Length375,296 bytes |
Description Added
2006-04-12 Description Modified2006-07-01 |
Malware Proliferation
Characteristics
Upon execution, it drops following files on the system:
- crackMaster.exe (24,576 bytes) (Detected as Adware-Dogpile)
- loadadv458.exe (4,005 bytes) (Detected as Generic Downloader.u)
These files are dropped in following folder:
- %ProgramFiles%\Desktop
If the system is connected to the internet, then these dropped files further download many other malicious contents.
Symptoms
Method of Infection
This multidropper trojan serves only to drop and execute other files on the target system. It does not self-replicate. Likely distribution channels for this trojan include via IRC, via peer-to-peer file-sharing networks, as an attachment in newsgroup postings or email, etc. The file is likely to be named in order to entice the victim to run it.
Trojans may also be received as a result of poor security practices (weak username/password combination on open shares, lack of/or misconfigured firewall protection), or unpatched and vulnerable systems.
Removal
A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.
Variants