DLL attack
6/16: Agent.DGW Trojan Unknowingly Downloaded
June 16, 2008
Agent.DGW Trojan is dropped by other malware. It can be downloaded unknowingly by a user when visiting malicious Web sites. It can also arrive as a .DLL file that exports functions used by other malware.
Other malware can also use this Trojan for their malicious routines, specifically for downloading possibly malicious files.
http://www.esecurityplanet.com/alerts/article.php/3753146
http://snipurl.com/2j8u1
File type: DLL Size of malware: 32,768 Bytes Initial samples received on: May 28, 2008 Payload 1: Downloads files | |
This Trojan is dropped by other malware. It can be downloaded unknowingly by a user when visiting malicious Web sites. It can also arrive as a .DLL file that exports functions used by other malware. It creates the following registry entry to enable its automatic execution at every system startup: HKEY_CLASSES_ROOT\CLSID\ It creates the following registry keys: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\8902a0d3 HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\cd46e497 Other malware can also use this Trojan for their malicious routines, specifically for downloading possibly malicious files. It runs on Windows 98, ME, NT, 2000, XP, and Server 2003. |
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home