virus logo Virus

Adware/Small

description-logoAnalysis

This downloader Trojan is compact, with a file size of 7,680 bytes. It is coded to connect to four different web sites in an attempt to download a binary program named "silent_install.exe".

The file downloaded is identified by current AV db as "AdClicker.BA-dr".

This Trojan attempts to connect with the following domains in order to dowload the binary -

quicksearch360.com
ezwebsearching.com
search123forme.com
update.yupsearch.com
searchmiracle.com

recommended-action-logoRecommended Action


    FortiGate systems:
  • check the main screen using the web interface to ensure the latest AV/NIDS database has been downloaded and installed -- if required, enable the "Allow Push Update" option

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-04-20 92.03563
2024-04-08 92.03200
2024-03-25 92.02782
2024-03-25 92.02774
2024-03-18 92.02564
2024-02-19 92.01722
2024-02-16 92.01634
2024-02-05 92.01302
2024-02-04 92.01260
2024-01-30 92.01113
ID 62227
Released Dec 30, 2005
Description
Updated		 Mar 13, 2007
Aliases AdClicker-BA.dldr trojan [McAfee], Trojan-Downloader.Win32.Small.bnd [KAV]
Platform Profile Adware typically display advertising content to the user. This advertising content may take many forms, but is typically in the form of web browser pop-up advertisements. In most circumstances, the user is not aware of the Adware component being installed on the local machine.