Trillian Invisible Plugin 1.0 - Jamper

If you don’t want any problems with your computer, then you would not want to download this plugin.

Original Source

FileName: InViS_PlUg1.0.exe
FileHash (MD5): a8de7126df59460311bedbc16640d68e
FileSize: 12,097 bytes

Dropped Files

FileName: a.htm
FileHash (MD5): de243dc1d69b1eaf2eefdbe6e33aae80
FileSize: 256 bytes

FileName: Jamper.exe
FileHash (MD5): 84744f0a7ddfd70ceb0ce7b37c4624fb
FileSize: 42,368 bytes

softwareguy
I guess the only thing invisible with this plugin will be the poor person who installs it.

It seems that Jamper.exe is detected by Avast! (VPS: 0433-0) as Win32:Trojano-255 [Trj]. But the original file InViS_PlUg1.0.exe did not get detected… umm…

As of VPS 0433-2, every file dropped by this plugin is detectable by Avast.

a.htm - JS:Downtr-002 [Trj]
csrss.exe - Win32:Ldpinch-E [Trj]
dll.dll - Win32:Trojano-265 [Trj]
InViS_PlUg1.0.exe - Win32:Ldpinch-E [Trj]
Jamper.exe - Win32:Trojano-255 [Trj]

It seems that this trojan drops a lot of junk registry entries too! :-\