JS_OBFUSCA.ACE
October 31, 2012
ALIASES:
Microsoft (Trojan:JS/Blacole.IZ); Symantec (JS/Exploit-Blacole.gc !!)
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan may be hosted on a website and run when a user accesses the said website.
It inserts an IFRAME tag that redirects users to certain URLs.
TECHNICAL DETAILS
File Size: 6,856 bytes
File Type: JS
Memory Resident: No
Initial Samples Received Date: 24 Oct 2012
Arrival Details
This Trojan may be hosted on a website and run when a user accesses the said website.
Other Details
This Trojan inserts an IFRAME tag that redirects users to the following URLs:
- http://{BLOCKED}zdia.myfw.us/t/vc.php?go=2
- http://uvnnwg.{BLOCKED}w.info/counter/main.php