OSX/TrojanDownloader.FakeAlert [Threat Name] go to Threat

OSX/TrojanDownloader.FakeAlert.A [Threat Variant Name]

Category trojan
Size 71680 B
Detection created May 26, 2011
Detection database version 6154
Aliases MACDefender (Symantec)
  Trojan-Downloader:OSX/FakeMacDef.A (F-Secure)
Short description

OSX/TrojanDownloader.FakeAlert.A is a trojan which tries to download other malware from the Internet.

Installation

The trojan does not create any copies of itself.

Other information

The trojan contains a list of (4) IP addresses. It tries to download a file from the addresses.


The file is stored in the following location:

  • /Applications/%variable%.app.zip

The HTTP protocol is used.


The trojan executes the following commands:

  • cd /Applications
  • unzip %variable%
  • rm -rf __MACOSX

The trojan runs the following applications:

  • /Applications/%variable%.app

The following file is deleted:

  • /Applications/%variable%.app.zip

Please enable Javascript to ensure correct displaying of this content and refresh this page.