Mal/JavaJar-B

Category: Viruses and Spyware
Protection available since: 31 Oct 2012 23:53:12 (GMT)
Type: Malicious behavior
Last Updated: 31 Oct 2012 23:53:12 (GMT)
Prevalence: Several Reports


Mal/JavaJar-B is a malicious Java package intended to exploit recent Java vulnerabilities in order to infect users with malware.

Mal/JavaJar-B detections are most commonly seen when browsing the web. The typical scenario is as follows:

  • user is browsing a legitimate site
  • the legitimate site has been compromised - an HTML or JavaScript redirect is injected into pages
  • the injected code causes the user's browser to load content from a remote, malicious site known as an exploit site
  • the exploit site identifies that a vulnerable version of Java is running on the machine, and attempts to load a malicious Java package (JAR archive)
  • this package is detected as Mal/JavaJar-B

Examples of Mal/JavaJar-B include:

Example 1

File Information

Size: 3.5K
SHA-1: 002bac9928d23d9f7c35a95d3deb19ac65091366
MD5: cc6216c7bd20c439221621b6512dc402
CRC-32: 4743ba3d
File type: JAR archive file
First seen: 2012-11-24

Example 2

File Information

Size: 8.5K
SHA-1: 02d2c3c2e76b3ac89d924afc4bd9f19c7b842d29
MD5: db298c0160e2e2988eaa3e1c722a3919
CRC-32: 5223df63
File type: JAR archive file
First seen: 2012-12-08

Example 3

File Information

Size: 20K
SHA-1: 03857c3016e5f998ac269ba3de7394e82bd04d67
MD5: d156d264cb546015d8595de9590881c4
CRC-32: a1190ca4
File type: JAR archive file
First seen: 2013-01-24

Further information

More information about Mal/JavaJar-B is available in the blog articles "Sophos Techknow All about Java" and "Protect against latest Java zero-day vulnerability right now: Mal/JavaJar-B".
