Troj/Peido-A

Discussion in 'malware problems & news' started by Technodrome, Nov 19, 2002.

Thread Status:
Not open for further replies.
  1. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    At the time of writing Sophos has received just one report of this Trojan from the wild.

    Description
    Troj/Peido-A is a Trojan that drops Troj/DLoader-BO.
    Troj/Peido-A appears as an administrative email containing the text

    "Unfortunately, it was not possible to deliver one or more of your messages.
    For more information, please, take a look in the attachment."

    The attachment is named mail.hta.
    When the attachment is run a window is displayed advertising a beauty cream and a copy of Troj/DLoader-BO is created in c:\scr615.scr and executed.

    more: http://www.sophos.com/virusinfo/analyses/trojpeidoa.html



    Technodrome
     
Thread Status:
Not open for further replies.