|
 |
|
JS_AFIR.A
|
|
|
First Report:
|
2008-05-02 12:32
|
|
Last Update:
|
2008-05-20 05:42
|
|
|
Aliases:
|
2000
HEUR/Exploit.HTML
In
JS_AFIR.A
ME
NT
Server
XP
|
|
|
|
Information From AntiVirus Vendors
|
|
|
|
|
Below you will find virus information from different antivirus vendors included in this Secunia Virus Profile. Information about the virus along with links to removal tools will be listed below when available.
The information provided is sorted by the date on which the information first became publicy available on the antivirus vendors' websites. The earliest available reports are displayed first. Please note timestamps are in GMT+1.
|
|
|
#1 - TREND MICRO
|
| |
|
|
JS_AFIR.A
|
Severity:
-
|
File Size:
-
|
| |
|
|
Reported:
2008-05-02 12:32
|
Last Update:
2008-05-20 05:42
|
| |
Description:
This obfuscated JavaScript (JS) malware is hosted in compromised sites.
Once users access one of these compromised sites, this malicious JavaScript redirects them to a certain Web site to download a file detected by Trend Micro as TROJ_SINOWAL.CB. The said Trojan drops another malware, which Trend Micro detects as TROJ_SINOWAL.CI.
|
| |
|
Full Report From Vendor
View/Hide ChangeLog
|
|
ChangeLog:
|
|
|
Changes are listed in chronological order with the latest changes first.
|
|
| |
|
|
2008-05-20 05:42
|
Description was changed.
New:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, this
malicious JavaScript redirects them to a
certain Web site to download a file detected
by Trend Micro as TROJ_SINOWAL.CB. The said
Trojan drops another malware, which Trend
Micro detects as TROJ_SINOWAL.CI."
Old:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan drops
another malware, which Trend Micro detects as
TROJ_SINOWAL.CI."
|
| |
|
|
2008-05-04 18:42
|
Description was changed.
New:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan drops
another malware, which Trend Micro detects as
TROJ_SINOWAL.CI."
Old:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan drops
another malware, which Trend Micro detects as
BKDR_SINOWAL.CF."
|
| |
|
|
2008-05-03 09:46
|
Description was changed.
New:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan drops
another malware, which Trend Micro detects as
BKDR_SINOWAL.CF."
Old:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan, in turn,
downloads another malware, which Trend Micro
detects as BKDR_SINOWAL.CF."
|
| |
|
|
2008-05-03 05:52
|
Description was changed.
New:
"This obfuscated JavaScript (JS) malware is
hosted in compromised sites.
Once users
access one of these compromised sites, it
then redirects them to a certain Web site to
download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan, in turn,
downloads another malware, which Trend Micro
detects as BKDR_SINOWAL.CF."
Old:
"This obfuscated JavaScript (JS) malware may
be dropped by other malware. It may be
downloaded unknowingly by a user when
visiting malicious Web site(s).
Upon
execution, it redirects to a certain Web site
to download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan, in turn,
downloads another malware, which Trend Micro
detects as BKDR_SINOWAL.CF."
|
| |
|
|
2008-05-02 21:02
|
Description was changed.
New:
"This obfuscated JavaScript (JS) malware may
be dropped by other malware. It may be
downloaded unknowingly by a user when
visiting malicious Web site(s).
Upon
execution, it redirects to a certain Web site
to download a file detected by Trend Micro as
TROJ_SINOWAL.CB. The said Trojan, in turn,
downloads another malware, which Trend Micro
detects as BKDR_SINOWAL.CF."
Old:
"This malicious JavaScript may be dropped by
other malware. It may be downloaded
unknowingly by a user when visiting malicious
Web site(s).
Upon execution, it redirects
to a certain Web site to download a file
detected by Trend Micro as TROJ_SINOWAL.CB."
|
| |
|
|
2008-05-02 13:42
|
Description was changed.
New:
"This malicious JavaScript may be dropped by
other malware. It may be downloaded
unknowingly by a user when visiting malicious
Web site(s).
Upon execution, it redirects
to a certain Web site to download a file
detected by Trend Micro as TROJ_SINOWAL.CB."
Old:
"N/A"
|
|
|
|
|
|
Please note: The information that this Secunia Virus Profile is based on comes from a third party unless stated otherwise.
The grouping process is done completely automatically, therefore minor inconsistencies may occur. For more information about Secunia Virus Information, please read: About Virus Information.
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
