We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:JS/Gamburl.A
Detected by Microsoft Defender Antivirus
Aliases: Gumblar (other) Obfuscated Script.f (McAfee) Troj/JSRedir-R (Sophos)
Summary
Trojan:JS/Gamburl.A is a trojan JavaScript that can download and execute a malicious PDF or ShockWave file. In the wild, it has been observed that this malicious script is present in otherwise non-malicious Web pages on multiple Web sites.
This malicious script redirects the browser to a specific Web site that contains various exploits and malware. Trojan:JS/Gamburl.A is known to redirect to the site 'gumblar.cn'.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, see http://www.microsoft.com/protect/computer/viruses/vista.mspx.
Follow us
