Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Favicon.ico javascript trojan - what does it do?

Tags:

javascript

trojan

Nod32 just warned me about a trojan which is embedded into a favicon.

I've copied the content of the favicon.ico here: http://pastebin.com/BkD4tKNy

Unfortunately I'm not really experienced with Javascript and the code looks very cryptic to me. Can anyone say what harm this code doing?

Thanks & kind regards

like image 973
TheLostOne Avatar asked Oct 18 '25 11:10

TheLostOne

1 Answers

It looks cryptic because the code is intentionally obfuscated.

The actual name of the trojan is W32/Lipler.Gen. It downloads and executes malicious code, which is whatever the person infecting you wants to execute on your machine.

You can read more about it here: http://www.f-secure.com/v-descs/trojan-downloader_w32_lipler_gen.shtml

like image 104
Tom Studee Avatar answered Oct 20 '25 00:10

Tom Studee
Sign in to Comment

Related questions

Calculate difference between 2 dates considering Daylight Saving Time

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!