Jump to content

Troj_bomka.l


curtis

Recommended Posts

TROJ_BOMKA.L may arrive on a system as an attachment to spammed emails, disguised as a non-malicious dart game to entice users into playing it. This non-destructive Trojan is currently spreading in-the-wild and infecting computer systems that run on Windows 98, ME, NT, 2000, XP, and Server 2003.

 

A rough English translation of the email is:

 

Subject: you take one pause...

Message Body: I send a game flash!

then you send your score to me max... therefore I say how much I have made I to you... I am training myself:)

bye

{Name of sender}

Possible Attachment: gioco_freccette.zip

 

Upon execution, this Trojan drops and executes a copy of the legitimate game on the system. This action hides its malicious behavior from the user.

 

It also drops its .DLL component, which it registers as a Browser Helper Object (BHO) to ensure that it runs every time the user opens Internet Explorer.

 

This Trojan also attempts to connect to several Web sites to download other files or an update of itself. These downloaded files may be other malware, leaving the affected computer more prone to malicious attacks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...