HTML_FAKEUPS.AB
May 09, 2013
ALIASES:
HTML/Iframe.B.Gen virus (Nod32)
PLATFORM:
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan may be hosted on a website and run when a user accesses the said website.
TECHNICAL DETAILS
File Size: 6,733 bytes
File Type: HTML, HTM
Initial Samples Received Date: 19 Apr 2013
Arrival Details
This Trojan may be hosted on a website and run when a user accesses the said website.
NOTES:
It contains a link that connects and downloads the following possibly malicious file once they clicked the link:
- http://{BLOCKED}k.{BLOCKED}ps-ups.com/Webmyups/invoiceVMWGVDP2JBDJJ85M2T.JPG.exe
It also contains links that redirect users to the following possibly malicious site once they clicked the link:
- http://{BLOCKED}k.{BLOCKED}ps-ups.com/Webmyups