1. /

Trojan.Gimmiv.A

Risk Level 1: Very Low

Discovered:
October 24, 2008
Updated:
October 29, 2008 3:48:55 PM
Also Known As:
Troj/Gimmiv-A [Sophos], Trojan-Spy:W32/Gimmiv.A [F-Secure], Win32/Gimmiv.A [Computer Associates], Gimmiv.A [Panda Software], Win32/Gimmiv.B [Computer Associates], Spy-Agent.da [McAfee], WORM_GIMMIV.A [Trend], Troj/Gimmiv-Gen [Sophos]
Type:
Trojan
Infection Length:
397,312 bytes
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
CVE References:
CVE-2006-3439, CVE-2008-4250
Trojan.Gimmiv.A is a Trojan horse that opens a back door, attempts to exploit remote vulnerabilities, and may steal information from the compromised computer.

Note: Definitions before October 24, 2008 may detect this threat as Infostealer.

Antivirus Protection Dates

  • Initial Rapid Release version pending
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version October 24, 2008 revision 024
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date October 29, 2008
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Damage

  • Damage Level: Medium
  • Payload: Opens a back door.
  • Releases Confidential Info: Gathers confidential information.
  • Degrades Performance: May exploit remote vulnerabilities which degrades performance.

Distribution

  • Distribution Level: Low
Writeup By: Elia Florio
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver