Win32/Exploit.Agent.NAD [Threat Name] go to Threat

Win32/Exploit.Agent.NAD [Threat Variant Name]

Category trojan
Size 96299 B
Detection created Apr 25, 2012
Detection database version 7086
Aliases Exploit:.Win32/CVE-2010-3333 (Microsoft)
  Bloodhound.Exploit.366 (Symantec)
  Exploit.RTF.Gen (BitDefender)
Short description

Win32/Exploit.Agent.NAD is a trojan that installs Win32/TrojanDownloader.Agent.PTT malware. It exploits the CVE-2012-0158 vulnerability.

Installation

When executed the trojan drops in folder %temp% the following file:

  • msmsgs.exe (36864 B, Win32/TrojanDownloader.Agent.PTT)

The file is then executed.

Other information

The trojan creates the following files:

  • %temp%\­Wor.doc (24064 B)

The trojan runs the following applications:

  • Microsoft Word

The following file is opened in the browser:

  • %temp%\­Wor.doc

The following text is displayed in Microsoft Word :

Please enable Javascript to ensure correct displaying of this content and refresh this page.