|Detected||Jul 07 2006 14:05 GMT|
|Released||Jul 07 2006 14:05 GMT|
|Published||Sep 05 2006 12:54 GMT|
This Trojan terminates a number of legal applications. It is a Windows PE EXE file. It is 3104 bytes in size, and packed using UPX. The unpacked file is approximately 13KB in size.
The Trojan terminates the processes listed below:
_AVPCC.EXE _AVPM.EXE _FINDVIRU.EXE ACKWIN32.EXE ALOGSERV.EXE AMON.EXE ANTI-TROJAN.EXE APVXDWIN.EXE AVE32.EXE AVKSERV.EXE AVNT.EXE AVPCC.EXE AVPM.EXE AVWIN95.EXE CLAW95CF.EXE ECENGINE.EXE ESAFE.EXE FINDVIRU.EXE FPROT.EXE F-PROT95.EXE FP-WIN.EXE GUARDDOG.EXE IOMON98.EXE NAVAPSVC.EXE NAVAPW32.EXE NAVNT.EXE NAVW32.EXE NAVWNT.EXE NOD32.EXE NSPLUGIN.EXE OGRC.EXE RAV7.EXE RULAUNCH.EXE SCAN32.EXE SPIDER.EXE VET95.EXE VETTRAY.EXE VSMAIN.EXE
This type of behaviour covers malicious programs that delete, block, modify, or copy data, disrupt computer or network performance, but which cannot be classified under any of the behaviours identified above.
This classification also covers “multipurpose” Trojan programs, i.e. those that are capable of conducting several actions at once and which demonstrate several Trojan behaviours in a single program. This means they cannot be indisputably classified as having any single behaviour.