LNK_DLOADER.SMR
Windows 2000, XP, Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan may arrive bundled with malware packages as a malware component. It may be dropped by other malware.
It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system. As of this writing, the said sites are inaccessible.
TECHNICAL DETAILS
Arrival Details
This Trojan may arrive bundled with malware packages as a malware component.
It may be dropped by other malware.
Download Routine
This Trojan downloads files from the following File Transfer Protocol (FTP) sites:
- ftp://{BLOCKED}.{BLOCKED}.138.33/c.vbs
It saves the files it downloads using the following names:
- c.Vbs
It then executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.
As of this writing, the said sites are inaccessible.