JAVA_EXPL.AL
Windows 2000, Windows XP, Windows Server 2003
![](/vinfo/imgFiles/legend.jpg)
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website.
It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
TECHNICAL DETAILS
18,210 bytes
Java Class
No
09 Sep 2011
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It may be hosted on a website and run when a user accesses the said website.
Download Routine
This Trojan saves the files it downloads using the following names:
- %User TEmp%\{Random File Name}.exe
It then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
NOTES:
This trojan contains a function that attempts to connect to a website to download a possibly malicious file. The URL where it is connecting to download files depends on the parameter passed on to its function.