Mal/Behav-103

By Domesticus in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 11
First Seen: October 21, 2011
Last Seen: May 22, 2023
OS(es) Affected: Windows

The Mal/Behav-103 Trojan is what is known as a dropper Trojan. Its main function is to enter a computer system and to "drop", or install, other malware infections such as worms, rootkits or additional Trojans. The Mal/Behav-103, in particular, is often used to install a Remote Access Tool, a devastating malware infection that gives criminals the ability to control the infected computer from a distance. Using this malware tool, a hacker can use the computer infected with the Mal/Behav-103 to perform attacks, send out spam email or delete all contents of its hard drives.

Several components characterize the Mal/Behav-103. This dangerous malware infection is protected with Themida, a kind of protection designed to make it extremely difficult for malware researchers to reverse engineer the Mal/Behav-103 and dissect how it works. The Mal/Behav-103 will usually create a file named "mothersday11-hp" on the infected computer's hard drive, containing most of the Mal/Behav-103's active components.

The Mal/Behav-103 and the Colonel Gaddafi Photos Scam

It has become a growing trend among computer criminals to take advantage of high-profile deaths or events. We saw it with the death of Steve Jobs and with the death of Amy Winehouse. Now, the Mal/Behav-103 has been making headlines because of its involvement in a scam that takes advantage of the death of Libyan dictator Moammar Gaddafi. Typically, victims will receive a fraudulent email claiming that it contains a link to bloody photographs of the dictator's dead body. Because this has been a trending topic since Moammar Gaddafi's death, it is quite possible that many computer users were tricked by this scam.

The attached file is compressed in .rar format. However, decompressing it does not lead to any photographs; instead, it installs the Mal/Behav-103 automatically on the victim's computer system. To protect yourself from this scam, ESG security researchers strongly recommend being careful about the links you click. In particular, email attachments from unreliable sources are a common source of malware such as the Mal/Behav-103. These kinds of celebrity death scams are particularly vicious, as they take advantage of human nature and curiosity to convince victims to download and install the Trojan themselves. ESG malware analysts recommend getting your celebrity news from reputable websites. Also, do not trust any unsolicited emails claiming to contain important new information.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software    Detection
AVG                    Suspicion: unknown virus
Fortinet               W32/Dx.YLD!tr
Ikarus                 Trojan.Win32.Genome
AhnLab-V3              Trojan/Win32.HDC
Antiy-AVL              Trojan/Win32.Genome.gen
McAfee-GW-Edition      Heuristic.BehavesLike.Win32.Suspicious-BAY.K
AntiVir                TR/Crypt.CFI.Gen
DrWeb                  Trojan.Click2.9619
Comodo                 Backdoor.Win32.Delf.~DF
BitDefender            Gen:Trojan.Heur.fm0@sDlVhJci
Kaspersky              Trojan.Win32.Genome.abnqx
Avast                  Win32:Malware-gen
Symantec               Trojan.Gen.2
McAfee                 Artemis!37E6A7BDE5B8
CAT-QuickHeal          (Suspicious) - DNAScan
