TROJ_PIDIEF.DR

Tue, 2008-04-22 17:00 - Topics:

Virus

This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It is a specially crafted .PDF file that exploits a known vulnerability in Acrobat Reader 8.1.1 or earlier versions. The said vulnerability causes the application to crash and could potentially allow a malicious user to take control of the affected system. More information about the said vulnerability can be found on this page.

It drops malicious files. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.

It also drops a non-malicious .PDF file in the current user's Temporary folder. The said .PDF file uses a random file name. This routine is done to trick users into thinking that they are viewing a normal .PDF file.

Similar entries

TROJ_PIDIEF.HE
This Trojan is a specially crafted .PDF file that exploits a known vulnerability in Acrobat Reader 8.1.1 or earlier versions. This vulnerability would cause the application to crash and could potentially allow a malicious user to take control of the affected system.

More information about the said vulnerability can be found on this Web page.
TROJ_PIDIEF.IA
This Trojan arrives as attachment to email messages spammed by another malware or a malicious user.
It drops files.

This PDF file exploits a known vulnerability in Acrobat Reader 8.1.1 or earlier versions.

The application could crash or a remote attacker could take control of the affected system when an unsuspecting user views a particular PDF file.
TROJ_MDROPPER.LI
This Trojan arrives as attachment to email messages spammed by another malware or a malicious user.
This is a specially crafted Microsoft Excel document that takes advantage of a known software vulnerability to drop possibly malicious files. More information on the said vulnerability can be found here.
This vulnerability causes Microsoft Excel to crash and could potentially allow a remote user to take control of the affected system.
TROJ_DLRHIFREM.J
This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.
It creates registry key(s)/entry(ies) as part of its installation routine.
It drops component files. It then executes the dropped file(s). As a result, malicious routines of the dropped files are exhibited on the affected system.

It opens a hidden Internet Explorer window to connect to a malicious URL to possibly download and execute a malicious file.
TROJ_PPDROP.K
This Trojan arrives on a system as a .PPS/.PPT file that is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.

Upon execution, it dropsseveral files, some of which are detected as BKDR_AGENT.ADGS.

A dropped .TMP file is then injected into a running process to remain memory resident. As a result, routines of the dropped file are also exhibited on the affected system. To automate execution of the dropped malicious file, it also adds a registry entry.

Infopirate.org

TROJ_PIDIEF.DR

Similar entries

User login

Topics

Recent comments

Stay up to date!