Infopirate.org

This is the Trend Micro detection for a specially crafted .MDB file that exploits the Microsoft Jet Database Engine vulnerability. It usually arrives as an attachment to a email messages spammed by another malware or a malicious user.

The mentioned vulnerability allows a malicious .MDB file to drop and execute an embedded file detected by Trend Micro as TROJ_PROXY.AFZ. As a result, routines of the dropped Trojan are also exhibited on the affected system.

This Trojan is a specially crafted .PDF file that exploits a known vulnerability in Acrobat Reader 8.1.1 or earlier versions. This vulnerability would cause the application to crash and could potentially allow a malicious user to take control of the affected system.

More information about the said vulnerability can be found on this Web page.

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

This Trojan arrives as attachment to email messages spammed by another malware or a malicious user.

Upon execution, it exploits the Macro Validation Vulnerability in Microsoft Excel wherein a specially crafted document can cause the application to drop and execute an embedded .EXE file.

More information about the said vulnerability can be found here.

Malware Overview