|Detected||Sep 29 2005 04:21 GMT|
|Released||Sep 29 2005 04:21 GMT|
|Published||Dec 05 2005 10:12 GMT|
This Trojan downloads other malicious programs to the victim machine without the user's knowledge or consent. The Trojan is a Windows PE EXE file an is 262717 bytes in size.
When launched, this Trojan creates and then executes the following files:
The Trojan then registers bpk.exe in the system registry, ensuring that it will be launched each time Windows is rebooted on the victim machine.
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "bpk" = "%System%\bpk.exe"
The Trojan also creates files with the following names on the victim machine:
%System%\bpk.dat %System%\inst.dat %System%\kw.dat %System%\pk.bin
Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers.
This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).
Such programs are used by hackers to: