Created: 2010-11-16, 16:35:14
Last updated on: 2010-11-16, 16:35:14

Platform: OSX Type: trojan Size: 112640
Date: 2010-10-27

Endangered operating system(s): Mac OS 10.4, Mac OS 10.5, Mac OS 10.6
Non-endangered operating system(s): Windows 3.xx, Windows 95, Windows 98, Windows ME, Windows NT all...


The different antivirus applications use different names for the individual viruses and worms. Sometimes an antivirus application identifies the same individual malware using different names for different copies or different viruses and worms are identified with the same name. The informative list below contains the names for the malware given by the most popular antivirus applications. The names can vary using the different versions of the same antivirus application.

antivirus naming
BitDefender MAC.OSX.Trojan.Boonana.A
e-Trust HTML/Boonana.A
F-Secure Trojan.Boonana.A
Ikarus Trojan.Boonana
Kaspersky Trojan.Shell.Jnana.a
Microsoft Trojan:MacOS_X/Boonana
Panda OSX/Koobface.A
Sophos Troj/KoobStrt-A


Viruses and worms can initiate some spectacular action. The purpose is usually to attract attention and through the interaction of the user (pushing a button or clicking on the mouse) they make it difficult to automatically proceed the malware in the virtual environment. The trojan displays the following window during the installation of its code:

image image image

The main purpose of viruses and worms spreading on the Internet and local networks is to infect another computer. After this infection malware can modify the system and after a reboot process the malware code can be launched. For this purpose malware usually creates files in the operating system's area and modify the registry. According to this modification of the registry the operating system will execute the malware code as well. Besides, it is possible that they create files in other area (directory) of the file system. It is also possible that viruses and worms create AUTORUN.INF files in the root directories of the drives. In this case - according to the default settings of Windows - it automatically executes the malware once the user opens the root directory of the particular drive.

OSX/Boonana.A.2 trojan creates the following files:

  • ~/.jnana/jnana.plist
  • /Library/StartupItems/OSXDriverUpdates/
  • /var/root/.jnana/

image image image