Quote:
Troj/Agent-A is a bitmap format (BMP) graphic image file that downloads an executable from a remote website to C:\sys.exe.
At the time of analysis, the file downloaded was a backdoor Trojan horse detected by Sophos as Troj/BDThr-A.
Historically, computer users would not regard BMP files as capable of infecting computers. However, there appears to be a bug in the Microsoft code which handles the Windows BMP file format which can allow executable code held inside the BMP file to be executed.
At the time of writing Microsoft has not yet issued a patch to secure this vulnerability. Troj/Agent-A is only believed to work on the Russian-language version of Microsoft Windows.