Exploit.Win32.IMG-ANI.ae

From Total Malware Info

This Exploit uses vulnerability in some of the Windows(MS02-005) system libraries in the processing of graphic files. It’s graphic file (ANI-file). The program is unpacked and has size 27136 bytes.

Payload

The malware launches the harmful code which makes an error in the processing of graphic files of system library Windows USER32.DLL.When viewing the graphic file, the buffer overflow causes the custom code execution on the victim machine. The following link downloads the malware:

• http://www.li***g.com/customer/image/mmc.exe

This link didn’t work at that moment of creating the description.

Removal Instructions

If your computer wasn’t protected by Antivirus and was infected by this malware, you should perform next actions:
1. Update your Windows Internet Explorer:
   • http://www.microsoft.com/technet/security/bulletin/ms05-002.mspx
2. Update your antivirus databases and perform a full scan of your computer with Kaspersky Antivirus.