BKDR64_BEDEP.YWN


 ALIASES:

Lookslike.Win32.Bedep.a (v) (Sunbelt), BackDoor-FCZS!7D07DDD07DCF (NAI)

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Backdoor

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It requires its main component to successfully perform its intended routine. However, as of this writing, the said sites are inaccessible.

  TECHNICAL DETAILS

File Size:

771,744 bytes

File Type:

DLL

Initial Samples Received Date:

04 May 2016

Arrival Details

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Other Details

This backdoor connects to the following possibly malicious URL:

  • {random generated domain}.com

It requires its main component to successfully perform its intended routine.

However, as of this writing, the said sites are inaccessible.

NOTES:

Once this malware successfully connects to a random-generated domain, it will received a link where it can download another malicious file. After the file is downloaded, it will execute the file on the affected system. Thus, exhibiting its malicious activities on the affected system. The said download link may change depending on reply of the remote server.