Play mp3.exe (trojan)
Play_mp3.exe is a trojan horse. It is an executable file downloaded from a website which promises the user a free MP3 or MPG player.

The trojan

The trojan spreads through peer-to-peer file sharing networks, where users download files (going by a variety of names) which are disguised as MP3s or MPGs. Instead of sharing music or video, these files simply direct the user to a web page from which, they are promised, they can download a free media player.

They will then install the play_mp3.exe executable, which, when run, installs the Downloader-UA.h downloader. Oddly the user is also shown, and asked to accept, a lengthy license agreement permitting the installation of the adware programs "SurfingEnhancer" and "FBrowsingAdvisor" onto the user's PC.

Unwanted consequences

Once installed the play_mp3.exe file can perform a number of malicious activities including displaying adware, installing unwanted programs, hijacking the user's system and communicating with third parties. The promised media player then turns out to be a web-based player which offers only a limited range of saved tracks.

As a note on naming, trojans may have different versions of themselves, each with a different name and possibly slightly different behavior. These various versions are called strains, and trojans and their strains can also be grouped into families. Play_mp3.exe (and its over 220 alternatively named strains) is part of the Downloader-UA.h downloader, Trojan.AdClicker, and Adware Generic2.AARK families.
The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 