1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: JS.Downloader Download 17

System Infected: JS.Downloader Download 17

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature is to detect JS.Downloader activity.

Additional Information

JS.Downloader is a malicious script that may arrive as an attachment in spam emails.

The emails may have different subjects and body messages. For example:

Subject: Outstanding invoices - [RANDOM LETTERS]

Attachment: In[RANDOM LETTERS].doc

Message:

Kindly find attached our reminder and copy of the relevant invoices.

Looking forward to receive your prompt payment and thank you in advance.

Kind regards,

[NAME]


When the script is opened, it will download and execute malware from a remote location.

Affected

  • Various Windows platforms.

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube