Follow:

 

Trojan:Java/Selace.E


Trojan:Java/Selace.E is a detection for malicious code that is bundled with Exploit:Java/CVE-2008-5353.A. It executes other malicious code, detected as Trojan:Java/Selace.D, that attempts to download and install malware on the vulnerable system.


What to do now

Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as Microsoft Security Essentials, or the Microsoft Safety Scanner. For more information about using antivirus software, see http://www.microsoft.com/security/antivirus/av.aspx.

Threat behavior

Trojan:Java/Selace.E is a detection for malicious code that is bundled with Exploit:Java/CVE-2008-5353.A in a Java applet. It executes other malicious code, detected as Trojan:Java/Selace.D, that attempts to download and install malware on the vulnerable system.
Installation
Trojan:Java/Selace.E is bundled with a malicious Java applet detected as Exploit:Java/CVE-2008-5353.A. The Java applet is a Java archive (.JAR file) that contains the following Java class malware:
On a vulnerable system without a particular Java security update installed, Exploit:Java/CVE-2008-5353.A executes Trojan:Java/Selace.E with full privileges ('AllPermissions').
 
Trojan:Java/Selace.E, in turn, executes Trojan:Java/Selace.D, again with full privileges. It attempts to download and execute malware on the vulnerable system.
Additional Information
Examples of malware downloaded and run by Trojan:Java/Selace.D include variants of Win32/Renos and Win32/Alureon.
 
Analysis by Marian Radu

Symptoms

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Prevention


Alert level: Severe
First detected by definition: 1.69.374.0
Latest detected by definition: 1.69.457.0 and higher
First detected on: Oct 30, 2009
This entry was first published on: Dec 17, 2009
This entry was updated on: Apr 17, 2011

This threat is also detected as:
  • JV/Selac (McAfee)
  • Exploit.Java.CVE-2008-5353 (Ikarus)
  • Trojan-Downloader.Java.OpenConnection.at (Kaspersky)