Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to news

Trojan.Botnetlog.11 forms new botnet

August 12, 2009

Russian anti-virus vendor Doctor Web reports a mass mailing of spam messages with attached Trojan.Botnetlog.11. The Trojan horse forming a new botnet also downloads and installs other pieces of malware on infected machines.

Trojan.Botnetlog.11 appeared as an attachment to spam messages on August 6, 2009. Now activity of this malicious program reached its peak.

The Trojan horse comes to a user machine with a fake e-mail delivery-failure notification from a respected e-mail service that informs a user that his package couldn’t be delivered because the recipient address is incorrect. As a solution the message offers a victim to print out the attached copy of an "invoice" and collect the package at the office of the company.

The attached zip-archive with a random name that follows the UPSNR_********.zip template contains an executable file with the same name. This file is Trojan.Botnetlog.11. The malicious file mutates from mailing to mailing and therefore can be hard to detect for an anti-virus.

Once launched the malware adds its entry to the autorun list, injects its code into system processes and establishes an HTTP connection to a bogus web-site to download other malicious programs. This is a how compromised system is are registered on the botnet.

Since Trojan.Botnetlog.11 is mutating constantly, Doctor Web recommends all users of Dr.Web anti-viruses to use automatic updating of virus databases and anti-virus software components.

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040