TROJ_ARTIEF.EJ
Exploit:Win32/CVE-2010-3333 [Microsoft], Exploit.MSWord.CVE-2010-3333.j [Kaspersky]
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.
TECHNICAL DETAILS
77,327 bytes
RTF
Yes
03 May 2011
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Dropping Routine
This Trojan drops the following files:
- %User Profile%\LOCALS~1\Temp\S
(Note: %User Profile% is the current user's profile folder, which is usually C:\Windows\Profiles\{user name} on Windows 98 and ME, C:\WINNT\Profiles\{user name} on Windows NT, and C:\Documents and Settings\{user name} on Windows 2000, XP, and Server 2003.)
It executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.