TROJ_MDROP.AO

Wed, 2008-04-09 17:00 - Topics:

Virus

This Trojan arrives as attachment to email messages spammed by another malware or a malicious user.

Upon execution, it exploits the Macro Validation Vulnerability in Microsoft Excel wherein a specially crafted document can cause the application to drop and execute an embedded .EXE file.

More information about the said vulnerability can be found here.

Once it successfully exploits the mentioned vulnerability, it is able to execute a shell code which, in turn, runs the embedded .EXE file on the affected system. The said file is detected by Trend Micro as BKDR_ACCDROP.F.

It may be downloaded unknowingly by a user when visiting malicious Web site(s).

Similar entries

TROJ_ACCDROP.D
This is the Trend Micro detection for a specially crafted .MDB file that exploits the Microsoft Jet Database Engine vulnerability. It usually arrives as an attachment to a email messages spammed by another malware or a malicious user.

The mentioned vulnerability allows a malicious .MDB file to drop and execute an embedded file detected by Trend Micro as TROJ_PROXY.AFZ. As a result, routines of the dropped Trojan are also exhibited on the affected system.
TROJ_MDROPPER.MC
This is the Trend Micro detection for a specially-crafted .MSG file that arrives via email spammed by another malware or a malicious user.
It contains files that exploit the Microsoft Jet Database Engine vulnerability, including one detected by Trend Micro as TROJ_MDROPPER.MB.
The said vulnerability allows a malicious .DOC file to drop and execute an embedded executable file.
TROJ_MDROP.AH
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
TROJ_MDROPPER.WR

Malware Overview
TROJ_EMBED.AA
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

Infopirate.org

TROJ_MDROP.AO

Similar entries

User login

Topics

Recent comments

Stay up to date!