||This article includes a list of references, related reading or external links, but its sources remain unclear because it lacks inline citations. (April 2009)|
Bohmini.A is a configurable remote access tool or Trojan.
Bohmini.A exploits security flaws in Adobe Flash 9.0.115 with Internet Explorer 7.0 and Firefox 2.0 under Windows XP SP2. Adobe Flash 9.0.124 is not known to be vulnerable to Bohmini.A. In July 2008, it was known that Bohmini.A spread as malvertising from 247mediadirect through an advertising network via the social networking site Facebook.
Bohmini.A is detected by at least one known anti-virus product; Microsoft Windows Live OneCare. However, as of August 12, 2008, Microsoft Windows Live OneCare does not remove Bohmini.A completely, although it claims to have detected and removed it.
To remove Bohmini.A under Windows XP, run a known detecting anti-virus product such as Windows Live OneCare and then go to Control Panel and select Switch to Classic View. Then select Scheduled Tasks and remove all tasks with the prefix At such as At1, ..., At24.
The Bohmini.A installation is customizable and therefore each of the implementations vary. For example, the executable names vary.
Bohmini.A is configured to notify and update itself over HTTP.
- Threat Analysis from Telenor SOC (Norwegian) (Translated to English via Google)
- Virustotal MD5:a2cd6617e5b1c4b0a6df375d878d33f1
- Virustotal MD5:45ecab7cc3aa1c86889ad6b13ed9838b
|This malware-related article is a stub. You can help Wikipedia by expanding it.|