• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

MyAntiSpyware

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

Santa Claus leaves you a Trojan for Christmas

Myantispyware team December 23, 2005    

– A new Trojan, MerryX.A, reaches victims in an email with the subject “MERRY CHRISTMAS!”, and hides behind an animation with Santa Claus and Christmas music

– This Trojan joins the list of malware species that take advantage of the massive sending of Christmas cards via email to enter users’ computers

PandaLabs reports the appearance of a new Trojan, MerryX.A, which uses the theme of Christmas to distract users’ attention while infecting their computers. This Trojan, distributed in email messages, aims mainly at gathering information from the affected system.

Infection starts with arrival of an email with the subject “MERRY CHRISTMAS!”, and the text line: “Merry Christmas and a Happy New Year!”. This email includes two attached files: an animated GIF image called A_LIGHTSMC10.GIF, which shows the phrase “Merry Christmas” among bright lights, and a self-extracting RAR file which contains two files: a copy of the Trojan (called SQLServer.exe), and a Flash animation.

Whereas the GIF image does not infect the user’s computer, the self-extracting RAR file does trigger the infection process. As soon as the file is run, it opens the Flash file, which displays an animation accompanied by music, showing Santa Claus leaving presents in a Christmas tree against a red background, and runs the Trojan invisibly to users so that the computer becomes infected without the user realizing.

Once run, MerryX.A records information about the computer that -IP address, hardware data, etc- and sends it to a remote server. It also tries to download files from several web pages, which indicates that the Trojan could serve as an entry point for other malware specimens.

As result, i can tell you, don`t open attached files!

Trojan

 Previous Post

Adware in exchange for videos and music in P2P

Next Post 

The Adblock project

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply

New Guides

Ofliker.co.in Virus Removal Guide
scam alert
Remove Searchvaultly.com Redirect: Chrome, Edge, Firefox
Split Max AC Reviews, Scam or Legit, Uncovering the Truth!
Nusayin Cooling Ace Review: Scam or Legit? What You Need to Know
Imwing Cooling Ace Reviews, Scam or Legit, Uncovering the Truth!

Follow Us

Search

Useful Guides

Iphone Calendar virus spam
Iphone Calendar Virus/Spam 2022 (Removal guide)
How to reset Mozilla Firefox (Updated Apr. 2018)
How to remove browser hijacker virus (Chrome, Firefox, IE, Edge)
browser redirect virus
How to remove Browser redirect virus [Chrome, Firefox, IE, Edge]
adwcleaner
AdwCleaner – Review, How to use, Comments

Recent Guides

Adware in exchange for videos and music in P2P
Free Jetico Personal Firewall for Windows 98/ME/NT/2000/XP
Santa IM Worm
Symantec AV RAR library vulnerability
Panda Antivirus for Linux

Myantispyware.com

Myantispyware has been a trusted source for computer security and technology advice since 2004. Our mission is to provide reliable tech guidance and expert, practical solutions to help you stay safe online and protect your digital life.

Social Links

Pages

About Us
Contact Us
Privacy Policy

Copyright © 2004 - 2024 MASW - Myantispyware.com.