English

Log in

Search

The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service.

Internet threat level: 1

Follow us on

Home→Descriptions→Trojan.JS.Iframe.ug

Trojan.JS.Iframe.ug

Detected	Jun 26 2011 03:41 GMT
Released	Jun 26 2011 05:49 GMT
Published	Sep 08 2011 13:13 GMT

Technical Details
Payload
Removal instructions

Technical Details

A trojan program that opens various websites in the browser without the user's knowledge. It is a HTML-page containing JavaScript. 7507 bytes.

Payload

After opening the infected page in the browser, the trojan uses Java Script tools to decipher the code and launch it for execution. Furthermore, a resource located at the following link will be opened in the hidden frame:

http://voh***h.in/index.php?tp=27a7adb6290c6b75

Then, using the vulnerability in the installed browser, other malware may be downloaded from this site to the user's computer.

The link did not work when creating the description.

Removal instructions

If your computer has not been protected with anti-virus software and has been infected with malware, you will need to take the following actions to delete this:

Delete the original trojan file (its location on the infected computer will depend on how the program got onto the computer).
Clear the Temporary Internet Files directory which may contain infected files (How to delete infected files in the Temporary Internet Files folder?).
Run a full Kaspersky Antivirus scan of the computer with updated antivirus databases (download trial version).

MD5: 3C9DDD0BF78824058BCC440A872DAD4D
SHA1: E201EF21DF30605E5F424CD474E9C8E57184F370

Print

Share

Malicious programs

Trojans

Trojan

This type of behaviour covers malicious programs that delete, block, modify, or copy data, disrupt computer or network performance, but which cannot be classified under any of the behaviours identified above.

This classification also covers “multipurpose” Trojan programs, i.e. those that are capable of conducting several actions at once and which demonstrate several Trojan behaviours in a single program. This means they cannot be indisputably classified as having any single behaviour.

Other versions

Trojan.JS.Iframe.rg

Trojan.JS.Iframe.tm

© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.

kaspersky.com

securelist.com