TrojanDownloader:Java/OpenConnection.EE

Detected by Microsoft Defender Antivirus

Aliases: Trojan-Downloader.Java.Agent.fi (Kaspersky) Java/Downloader.V (AVG) Java/ClassLoader.T (Avira) Java/SillyDl.HKF (CA) Java/TrojanDownloader.Agent.NBA (ESET) Trojan-Downloader.Java.Agent (Ikarus) Mal/Jafuzzo-A (Sophos) JAVA_WEBSTART.B (Trend Micro)

Summary

TrojanDownloader:Java/OpenConnection.EE is the detection for an obfuscated Java applet that is part of a bundled malicious Java kit. The kit exploits the vulnerability described in CVE-2008-5353 and can be used to download and run arbitrary files from a malicious website.

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.

Additional recovery instructions

This threat exploits a known vulnerability in the Java Runtime Environment (JRE). After removing this threat, make sure that you install the updates available from the vendor. You can read more about this vulnerability from the following link:

CVE-2008-5353

TrojanDownloader:Java/OpenConnection.EE

Summary

What to do now

Additional recovery instructions

Technical information

Threat behavior

Installation

Payload

Prevention

Symptoms

System changes