TROJ64_EXPL.SM

 Analysis by: Jennifer Gumban

 ALIASES:

W64/CVE_2015_1701.A!tr (Fortinet), a variant of Win64/Exploit.CVE-2015-1701.A trojan, a variant of Win64/Exploit.CVE-2015-1701.A trojan (Nod32)

 PLATFORM:

Windows (64-bit)

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This Trojan may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It requires its main component to successfully perform its intended routine. It takes advantage of an unknown vulnerability in a certain software to allow a remote malicious user or malware to download files on the affected machine.

  TECHNICAL DETAILS

File Size:

(varies) bytes

File Type:

EXE

Initial Samples Received Date:

12 Jun 2015

Arrival Details

This Trojan may arrive bundled with malware packages as a malware component.

It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Other Details

This Trojan requires its main component to successfully perform its intended routine.

It takes advantage of an unknown vulnerability in a certain software to allow a remote malicious user or malware to download files on the affected machine.