Trojan.Hongmosa

Risk Level 1: Very Low

Printer Friendly Page

Discovered: July 4, 2006

Updated: February 13, 2007 12:57:17 PM

Type: Trojan Horse

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

Trojan.Hongmosa is a proof-of-concept Trojan that exploits the Microsoft Excel Style Handling and Repair Remote Code Execution Vulnerability (BID 18872 ). The Excel file is found on the Web as Nanika.xls, which looks like a Japanese file name but it has been first created by a Traditional Chinese version of Microsoft Excel.

Protection

Initial Rapid Release version July 5, 2006
Latest Rapid Release version August 20, 2008 revision 017
Initial Daily Certified version July 5, 2006
Latest Daily Certified version August 20, 2008 revision 016
Initial Weekly Certified release date July 5, 2006

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage

Damage Level: Low

Distribution

Distribution Level: Low

Writeup By: Masaki Suenaga

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}

Norton Internet Security / Norton AntiVirus 2009