McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Create Account | Login  | What is TrustedSource?
 
Home  Threats and Trends  Malware Information
TrustedSource™ Query
Enter IP address, domain name or URL to check reputation/traffic patterns:
Search
 


Malware Information

Malware nameScript.Dldr.Psyme.GX.3
TypeScript
Affected platformWin32
Media-Typenone
MD5 checksum0315B9848D45DF15E150E7E645FC715A
Static fileno
Filesize85,613 Bytes
Alias names
(also known as)
Webwasher ProactiveJavaScript.BufferOverflow.gen!High
SophosExp/MS06055-A
McAfeeJS/Exploit-BO.gen
CA ETrustJS/Veemyfull!exploit
Protection
Webwasher ProactiveDatabase Version: 42
Side effects
  • Downloads a malicious file
  • Makes use of software vulnerability
PropagationNo own spreading routine

Description:

Files

It tries to download a file:

– The location is the following:
• http://v2statscount.net/**********
It is saved on the local hard drive under: %system drive root% \U.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too.

McAfee Homepage | Contact | Privacy Policy

Copyright © 2007-2009 McAfee, Inc. All Rights Reserved.

THE DATA IS FURNISHED, "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, AND MCAFEE® HEREBY DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES AS TO NON-INFRINGEMENT, AND IN NO EVENT SHALL MCAFEE® BE LIABLE FOR COSTS OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL MCAFEE® BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT MCAFEE® HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.