- Bohmini.A
Bohmini.A is a configurable remote access tool or Trojan.
Bohmini.A exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2. Adobe Flash 9.0.124 is not known to be vulnerable to Bohmini.A.
In July 2008, it was known that Bohmini.A spread as malvertising from 247mediadirect through the Zedo advertising network via the social networking site Facebook.
Bohmini.A is detected by at least one known anti-virus product, Microsoft Windows Live OneCare. However, as of August 12, 2008, Microsoft Windows Live OneCare does not remove Bohmini.A completely, although it claims to have detected and removed it.
To remove Bohmini.A under Windows XP, run a known detecting anti-virus product such as Windows Live OneCare and then go to Control Panel and select Switch to Classic View. Then select Scheduled Tasks and remove all tasks with the prefix At such as At1, ..., At24.
The Bohmini.A installation is customizable, so implementations vary. For example, the executable names vary.
Bohmini.A is configured to notify and update itself over HTTP.
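
As an added example (not part of the original article), the following Python script triages the At-prefixed scheduled tasks named in the removal steps above, keying on the task name because the executable names vary. It reads CSV as produced by `schtasks /query /fo csv /v`; the sample rows and executable names are constructed, and only the TaskName and Task To Run columns are assumed.

```python
import csv
import io
import re

# Task names created through the legacy AT scheduler interface: "At" + job number.
# Newer Windows versions prefix the name with a backslash in schtasks output.
AT_TASK = re.compile(r"^\\?At(\d+)$", re.IGNORECASE)

# Constructed sample of `schtasks /query /fo csv /v` output, reduced to three columns.
# Executable names are placeholders; the article notes the real ones vary per install.
SAMPLE_CSV = r'''"HostName","TaskName","Task To Run"
"PC01","At1","C:\WINDOWS\system32\example1.exe"
"PC01","At2","C:\WINDOWS\system32\example1.exe"
"PC01","At24","C:\WINDOWS\Temp\example2.exe"
"PC01","Attendance report","C:\Program Files\Example\report.exe"
"PC01","GoogleUpdateTask","C:\Program Files\Example\update.exe"
'''


def find_at_tasks(csv_text):
    """Return (job_number, task_name, command) for every At<N> task, sorted by N."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = (row.get("TaskName") or "").strip()
        if name == "TaskName":  # header row repeated inside the output
            continue
        match = AT_TASK.match(name)
        if match:
            command = (row.get("Task To Run") or "").strip()
            hits.append((int(match.group(1)), name, command))
    return sorted(hits)


def group_by_command(hits):
    """Group task names by the command they launch, to show which binaries to examine."""
    groups = {}
    for _, name, command in hits:
        groups.setdefault(command.lower(), []).append(name)
    return groups


if __name__ == "__main__":
    for command, names in group_by_command(find_at_tasks(SAMPLE_CSV)).items():
        print(f"{command}: {', '.join(names)}")
```

Jobs created legitimately with the `at` command also receive At<N> names, so review the command behind each hit before deleting its task.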
External links
* [http://telenorsoc.blogspot.com/2008/07/malvertising-fra-247mediadirect.html Threat Analysis from Telenor SOC (Norwegian)] [http://translate.google.com/translate?hl=en&sl=no&u=http://telenorsoc.blogspot.com/2008/07/malvertising-fra-247mediadirect.html&sa=X&oi=translate&resnum=1&ct=result&prev=/search%3Fq%3Dhttp://telenorsoc.blogspot.com/2008/07/malvertising-fra-247mediadirect.html%26hl%3Den%26client%3Diceweasel-a%26rls%3Dorg.debian:en-US:unofficial%26sa%3DG (Translated to English via Google)]
* [http://www.virustotal.com/analisis/a5d8b3ba9226285dd14619fd8faf12a7 Virustotal MD5:a2cd6617e5b1c4b0a6df375d878d33f1]
* [http://www.virustotal.com/analisis/03feb787fc54deac46d64ce9bfe8ce0f Virustotal MD5:45ecab7cc3aa1c86889ad6b13ed9838b]
Wikimedia Foundation. 2010.