Troj/DocDrop-S

Category:	Viruses and Spyware	Protection available since:	17 Oct 2011 12:30:10 (GMT)
Type:	Trojan	Last Updated:	17 Oct 2011 12:30:10 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/DocDrop-S exploits CVE-2009-3129, patched in MS09-067, to drop and run more malware.

Summary

Troj/DocDrop-S is a Trojan.

Detailed analysis

Example behaviours of Troj/DocDrop-S follow:

Example 1

File Information

Size: 56K
SHA-1: 3b7d99dc41af8b8a22ed992466e78842ade765ac
MD5: 15a22ac5b7ed9fd640d6220dac0b4488
CRC-32: a872c635
File type: application/octet-stream
First seen: 2010-07-21

Example 2

File Information

Size: 108K
SHA-1: 2b05f59bef0530817c5ff9d9c9e0c1be9b47dfc3
MD5: 29102c49e356b291d8dbf7354609ce7c
CRC-32: 4887e935
File type: application/octet-stream
First seen: 2010-09-08

Other vendor detection

Avira: EXP/Excel.CVE-2009-3129

Example 3

File Information

Size: 103K
SHA-1: 02e1d13a17ffa1f153758d6325aab166b6b338c6
MD5: ba2a691669cfd7e7bdee7f691a71bc61
CRC-32: f4a8c977
File type: application/octet-stream
First seen: 2010-08-09

Try Sophos products for free
Download now