TROJ_ARTIEF.DRP
January 13, 2015
ALIASES:
Exploit:Win32/CVE-2012-0158 (Microsoft), Exploit.MSWord.Agent.es (Kaspersky), Trojan.Mdropper (Symantec)
PLATFORM:
Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size: 1,483,542 bytes
File Type: RTF
Initial Samples Received Date: 18 May 2012
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Installation
This Trojan drops the following files:
- %Windows%\{random letters}.exe - detected as TSPY_DYRE.AATZ
(Note: %Windows% is the Windows folder, where it usually is C:\Windows on all Windows operating system versions.)