Search
Keyword: bkdr_bn.311.eds
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the files it drops, prompting the affected
A backdoor program is a Trojan specifically designed to allow malicious users to remotely manipulate affected systems. Like all Trojans, backdoors do not automatically propagate. They are either
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
It enables the OS continue booting without crashing by replicating a particular system library. It is a component file of BKDR_TDSS. It is also responsible for loading the other component file,
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. Arrival Details This backdoor may be
This backdoor may be dropped by TROJ_DROPPER.ADO. When executed, it executes commands from a remote malicious user to start or stop services, list processes and services, get system information and
Installation This backdoor drops the following copies of itself into the affected system: %Application Data%\Microsoft\conhost.exe (Note: %Application Data% is the current user's Application Data
This backdoor connects to a website to send and receive information. Installation This backdoor drops the following copies of itself into the affected system: %User Temp%\is799009782\AInstaller.exe
Upon execution, this backdoor connects to the Internet Relay Chat (IRC) server irc.2ch.net , where it joins the channel ##ReVoLuTiOn## . It opens the port TCP 6667 where it listens for remote
This backdoor may be dropped by other malware. It connects to certain URLs. It may do this to remotely inform a malicious user of its installation. It may also do this to download possibly malicious
This backdoor arrives as a file that exports the functions of other malware/grayware. It requires its main component to successfully perform its intended routine. Arrival Details This backdoor
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TROJ_ARTIEF.KER Installation This backdoor drops the following files: %system
This backdoor has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram
However, as of this writing, the said sites are inaccessible. It connects to a website to send and receive information. Arrival Details However, as of this writing, the said sites are inaccessible.
This backdoor opens a hidden Internet Explorer window. Other Details This backdoor connects to the following possibly malicious URL: http://{malware file name}{7 random characters}/ It opens a hidden
This backdoor may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It opens random ports. It saves downloaded files into certain folders. It requires its
This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It creates folders where it drops its files. Arrival Details This backdoor
Upon execution, this backdoor terminates certain processes. This backdoor may be dropped by other malware. It deletes itself after execution. Arrival Details This backdoor may be dropped by the
This backdoor monitors the browsing activities of the user and logs keystroke when the user is accessing sites with certain strings. This backdoor arrives on a system as a file dropped by other