Trojan:SWF/Jaswi.A

Trojan:SWF/Jaswi.A is small web format (.SWF) trojan that attempts to download other malware using an embedded and obfuscated malicious JavaScript. The SWF format trojan uses a vulnerability known as CVE-2010-0806 and described in Microsoft Security Advisory 981374 to exploit Windows computers and execute code via the malicious JavaScript.

 

This trojan may be encountered while browsing a website referencing the trojan via a malicious JavaScript.

 

Successful exploitation of a vulnerable computer by this malware could result in the downloading of arbitrary files. In the wild, this malware attempts to download a file "uusee.exe", detected as PWS:Win32/Lloyda.AU, from the domain "down.games520.cn". At the time of this writing, the file was not available.

CVE-2010-0806 is mitigated by Microsoft Security Bulletin MS10-018 released in March 2010.