Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Hacktool.Exe2Bmp

Hacktool.Exe2Bmp

Updated:
13 February 2007
Risk Impact:
High
Systems Affected:
Windows

Behavior


Hacktool.Exe2Bmp is a tool that hackers use to generate a set of files to exploit the Internet Explorer Object Tag Vulnerability (described in Microsoft Security Bulletin MS03-032 ).

Symptoms


The files are detected as Hacktool.Exe2Bmp.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 01 February 2015 revision 020
  • Initial Daily Certified version 07 June 2004
  • Latest Daily Certified version 26 January 2015 revision 023
  • Initial Weekly Certified release date 09 June 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Hacktool.Exe2Bmp is a tool that hackers use to generate a set of files to exploit the Internet Explorer Object Tag Vulnerability (described in Microsoft Security Bulletin MS03-032 ).


Hacktool.Exe2Bmp has a GUI interface at which there is a "Select" button. This allows the hacker to select a binary executable of their choice. Once the binary file (<file name>.exe) is selected, the hack tool creates three files with three different extensions (.htm, .asp, and .bmp), but with the same file name as the original binary file.

These files can then be uploaded to the hacker's Web site.

If you were to go to such a site, the file <file name>.exe could run on a your computer.

The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Run a full system scan and delete all the files detected as Hacktool.Exe2Bmp.
For specific details on each of these steps, read the following instructions.

1. To update the definitions
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. To scan for and delete the files
  1. Start your Symantec antivirus program, and then run a full system scan.
  2. If any files are detected as Hacktool.Exe2Bmp, click Delete.


    Note: If your Symantec antivirus product reports that it cannot delete a detected file, write down the path and file name. Then use Windows Explorer to locate and delete the file.