Infopirate.org

This malicious JavaScript (JScript) may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites. It may also be hosted on a Web site and run when a user accesses the said Web site.

It takes advantage of the following software vulnerability to download malicious files on the affected system:

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It accesses a certain Web site to receive information and download a malicious file detected by Trend Micro as TSPY_BANCOS.AXA. It then saves and executes the said file. As a result, malicious routines of the downloaded file are exhibited on the affected system.

This malicious JavaScript may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It accesses a Web site to download files. As a result, malicious routines of the downloaded files are exhibited on the affected system.

This malicious JavaScript may be dropped by other malware.

This JavaScript accesses Web sites to download files.

It then executes the downloaded file. The downloaded file is detected by Trend Micro as TROJ_SMALL.DXW. As a result, malicious routines of the downloaded files are exhibited on the affected system.

This Trojan may be downloaded from remote sites by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It creates folders. It drops copies of itself. It drops files/components.

It creates registry entries to enable its automatic execution at every system startup.

It accesses Web sites to download file(s). As a result, malicious routines of the downloaded files are exhibited on the affected system. It saves the downloaded files using certain file names.