|Detected||Jun 07 2006 16:39 GMT|
|Released||Feb 14 2007 12:41 GMT|
|Published||Jun 07 2006 16:39 GMT|
This Trojan downloads files via the Internet without the knowledge or consent of the user. The Trojan itself is a Windows PE EXE file 8250 bytes in size.
The Trojan downloads a file from the following address:
It then saves the file as an executable file and launches it for execution on the victim machine.
The program has no other malicious payload.
The file which the Trojan downloads will be detected by Kaspersky Anti-Virus as Virus.Win32.Gpcode, which encrypts user files.
The version of the program downloaded via the link may vary.
Programs classified as Trojan-Downloader download and install new versions of malicious programs, including Trojans and AdWare, on victim computers. Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up.
Information about the names and locations of the programs which are downloaded are in the Trojan code, or are downloaded by the Trojan from an Internet resource (usually a web page).
This type of malicious program is frequently used in the initial infection of visitors to websites which contain exploits.