Threat Encyclopedia

Home > Threat Center > Threat Encyclopedia

Selected viruses, spyware, and other threats: sorted alphabetically

O
P
Q
R
S
T
U
V
W
X
Y
Z
Glossary

Short description

Win32/VB.OLP is a trojan which tries to download other malware from the Internet. The file is run-time compressed using FSG .

Installation

When executed, the trojan creates the following files:

%program files%\Windows Media Player\flashget.exe (61440 B)
%program files%\maps\conime.exe (36864 B)
%program files%\maps\ctfmon.exe (57344 B)
%program files%\uuscall\qq.exe (32768 B)
%allusersprofile%\lsass32.exe (167936 B)
kill.bat

The files are then executed.

Information stealing

The trojan collects the following information:

computer name

The trojan can send the information to a remote machine. The HTTP protocol is used.

Other information

The trojan may create the following files:

%program files%\2.txt

The trojan opens the following URLs in Internet Explorer :

http://www.34800.com/123.asp

The trojan executes the following command:

cmd.exe /c net stop sharedaccess

The trojan contains a list of URLs. It tries to download several files from the addresses.

These are stored in the following locations:

%program files%\Internet Explorer\fgcn_276.exe
%program files%\Internet Explorer\pipi_314.exe
%program files%\avp.exe
%program files%\Upgrade.ini

The files are then executed.

All Products:

Cart About ESET Partners United States and Canada

© 2012 ESET North America. All rights reserved. Trademarks used herein are trademarks or registered trademarks of ESET spol. s r.o. or ESET North America.
All other names and brands are registered trademarks of their respective companies.