Bohmini.A
Bohmini.A is a configurable remote access tool or Trojan.
Bohmini.A exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2. Adobe Flash 9.0.124 is not known to be vulnerable to Bohmini.A. In July 2008, it was known that Bohmini.A spread as malvertising from 247mediadirect through an advertising network via the social networking site Facebook.
Bohmini.A is detected by at least one known anti-virus product; Microsoft Windows Live OneCare. However, as of August 12, 2008, Microsoft Windows Live OneCare does not remove Bohmini.A completely, although it claims to have detected and removed it.
To remove Bohmini.A under Windows XP, run a known detecting anti-virus product such as Windows Live OneCare and then go to Control Panel and select Switch to Classic View. Then select Scheduled Tasks and remove all tasks with the prefix At such as At1, ..., At24.
The Bohmini.A installation is customizable and therefore each of the implementations vary. For example, the executable names vary.
Bohmini.A is configured to notify and update itself over HTTP.
See also[edit]
External links[edit]
- Threat Analysis from Telenor SOC (Norwegian) (Translated to English via Google)
- Virustotal MD5:a2cd6617e5b1c4b0a6df375d878d33f1
- Virustotal MD5:45ecab7cc3aa1c86889ad6b13ed9838b
This malware-related article is a stub. You can help EverybodyWiki by expanding it. |
This article "Bohmini.A" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Bohmini.A. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.