JAVA_BLACOLE.BP
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan may arrive bundled with malware packages as a malware component. It may be hosted on a website and run when a user accesses the said website.
TECHNICAL DETAILS
11,865 bytes
Java Class
24 Mar 2012
Arrival Details
This Trojan may arrive bundled with malware packages as a malware component.
It may be hosted on a website and run when a user accesses the said website.
NOTES:
This Trojan downloads a possibly malicious file from a certain URL. The URL where this malware downloads the said file depends on the parameter passed on to it by its components. The downloaded file is usually saved as %User Temp%\{Random characters}.exe . As a a result, routines of the downloaded files may also be exhibited on the affected system.
(Note: %User Temp% is the current user's Temp folder, which is usually C:\Documents and Settings\{user name}\Local Settings\Temp on Windows 2000, XP, and Server 2003.)