Trojan uses same Java vulnerability as Flashback to install itself as a “drive-by download” Users of older versions of Java now have still more malware to worry about. It doesn’t require any user interaction to infect a system either just like Flashback all that needs to happen is for you to visit an infected webpage. The Trojan creates the files/Users//Library/Preferences/com.apple.PubSabAGent.pfile/Users //Library/Library/LaunchAgents/com/souce/comX/Sabpab-A.
Source: https://thehackernews.com/2012/04/sabpab-another-mac-os-backdoor-trojan.html