1. /
  2. Security Response/
  3. Hacktool.Dahij

Hacktool.Dahij

Updated:
November 8, 2007 8:13:56 PM
Infection Length:
358,490 bytes and 94,208 bytes
Risk Impact:
High
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
Once installed, the security risk creates the following files:
  • %ProgramFiles%\e-jihad3
  • %ProgramFiles%\e-jihad3\e-Jihad.exe (detected as Hacktool.Dahij)
  • %ProgramFiles%\e-jihad3\MSWINSCK.OCX (clean library file)
  • %ProgramFiles%\e-jihad3\unins000.dat (clean data file)
  • %ProgramFiles%\e-jihad3\unins000.exe (clean uninstaller)

The security risk adds uninstall information as well as additions to the Start Menu on the compromised computer.

The security risk communicates with the following sites:
  • [http://]al-jinan.net/ntar[REMOVED]
  • [http://]al-jinan.net/tlog[REMOVED]
  • [http://]a1-jinan.net/tnew[REMOVED]
  • [http://]arddra.host.sk/ntar[REMOVED]
  • [http://]www.jo-uf.net/ntar[REMOVED]
  • [http://]www.jofpmuytrvcf.com/ntar[REMOVED]

Note: At the time of writing, the remote locations were unavailable.

If the security risk connects to the remote locations, it may download additional files.

The security risk requires a login to function.
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver