Discovered: July 14, 2004
Updated: July 14, 2004 7:31:05 AM
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
Trojan.Cargao is a trojan horse program that sends SPAM email to all contacts it finds in Windows Address Book.
When the trojan is executed, it creates the following files:
%Temp%\appconn.exe (105,472 bytes)
%Temp%\cartao.exe (176,640 bytes)
It attempts to download the following files and save them to C:\ARQUIVOS DE PROGRAMAS\ARQUIVOS COMUNS\:
http://ocarteiro.hostdotnet.com.br/applrpc.exe
http://ocarteiro.hostdotnet.com.br/applrpc.dll
http://ocarteiro.hostdotnet.com.br/appconn.exe
http://ocarteiro.hostdotnet.com.br/winssl.exe
It opens the following URL:
http://www.hostdotnet.com.br/player_ios1.htm
It sends SPAM emails to all contacts it finds in Windows Address Book. The email is HTML mail and has many links in its body.
Subject: Ol [recipient name], Entrega para voc - oCarteiro.com Cart Diverss e muito mais!
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine