| Downloader-13403 is a Trojan. A Trojan is a program that pretends to have a valid use, but in fact modifies the user's computer in malicious way. Trojans do not replicate or spread to other computers. Downloader-13403 is compressed using the executable packer and its file size is 749,568 bytes. This malware is written in Borland Delphi. It uses the network connection: - Downloads file from http://recebeu.com.sapo.pt/kl.txt as C:\Windows\kl.exe.
- Connects to "recebeu.com.sapo.pt" on port 80 (TCP).
- Opens URL: http://recebeu.com.sapo.pt/kl.txt.
- Downloads file from http://www.torpedomsn.kit.net/msnmsgr.txt as C:\Windows\worm.exe.
- Connects to "www.torpedomsn.kit.net" on port 80 (TCP).
- Opens URL: http://www.torpedomsn.kit.net/msnmsgr.txt.
Downloader-13403 drops the following files on the hard drive: - C:\Windows\kl.exe (4096 bytes)
- C:\Windows\worm.exe (4096 bytes)
It also is starting downloaded file - potential security problem.
|
