Expl_Nevar.B is an exploit that may be dropped by other malware. It may arrive bundled with malware packages as a malware component.

It takes advantage of the GDI vulnerability in Microsoft. More information on the said vulnerability can be viewed in the following page: Microsoft Security Bulletin MS08-021

Once exploited, the said vulnerability allows a remote user or a malware program to download files on the affected machine. As a result, the affected system becomes compromised.


It also attempts to connect to a certain URL to download a file detected by Trend Micro as BKDR_POISONIV.QI. As a result, malicious routines of the downloaded file may be exhibited on the affected system.

Technical details can be found at this Trend Micro page.