What is TrustedSource? | Create Account | Login 
Secure Computing Corporation
 
Home  Threats and Trends  Malware Information
TrustedSource™ Query
Enter IP address, domain name or URL to check reputation/traffic patterns:
Search
 

Malware Information

Malware nameScript.Dldr.Psyme.GX.3
TypeTrojan
Affected platformWin32
Media-Typenone
MD5 checksum0315B9848D45DF15E150E7E645FC715A
Static fileno
Filesize85,613 Bytes
Alias names
(also known as)
Webwasher ProactiveJavaScript.BufferOverflow.gen!High
SophosExp/MS06055-A
McAfeeJS/Exploit-BO.gen
CA ETrustJS/Veemyfull!exploit
Protection
Webwasher ProactiveDatabase Version: 42
Side effects
  • Downloads a malicious file
  • Makes use of software vulnerability
PropagationNo own spreading routine

Description:

Files

It tries to download a file:

– The location is the following:
• http://v2statscount.net/**********
It is saved on the local hard drive under: %system drive root% \U.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

Secure Computing Corporate Homepage | Contact | Privacy Policy | Disclaimer

Copyright © 2007-2008 Secure Computing Corporation. All Rights Reserved.

THE DATA IS FURNISHED, "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, AND SECURE COMPUTING® HEREBY DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES AS TO NON-INFRINGEMENT, AND IN NO EVENT SHALL SECURE COMPUTING® BE LIABLE FOR COSTS OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL SECURE COMPUTING® BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT SECURE COMPUTING® HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.