Search
Keyword: bkdr_bn.311.eds
Trend Micro has flagged this backdoor application as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it is a file downloaded by a
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
This backdoor requires its main component to successfully perform its intended routine. Autostart Technique This backdoor registers itself as a system service to ensure its automatic execution at
This backdoor is the command line tool called SkServer. This backdoor may be dropped by other malware. It acts as a proxy server to allow remote malicious user to use the affected systems to hide
This backdoor may arrive bundled with malware packages as a malware component. It may be unknowingly downloaded by a user while visiting malicious websites. It executes then deletes itself afterward.
It is a component file of other BKDR_TDSS malware to hide its processes and files from the user. It is also responsible for ensuring that the Master Boot Record of the system is infected. This Trojan
This backdoor arrives as a component bundled with malware/grayware packages. It may be unknowingly downloaded by a user while visiting malicious websites. It is a component of other malware. It may
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor may be dropped by other malware. It opens a hidden Internet Explorer window. It connects to a website to send and receive information. Arrival Details This backdoor may be dropped by
This backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be dropped by other malware. It may be unknowingly downloaded by a user while
It connects to URLs to send system information and to possibly download other files. This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious
This backdoor uses social engineering methods to lure users into performing certain actions that may, directly or indirectly, cause malicious routines to be performed. Specifically, it arrives as a
This backdoor may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It opens a random port to allow a remote user to connect to the affected system. Once
It sends the stolen information to a specific port via injected code in IEXPLORE.EXE. After a successful connection to the server, it then waits for a command from the server. The commands received
This backdoor uses icons similar to those of legitimate applications to entice a user to click them. It opens a random port to allow a remote user to connect to the affected system. Once a successful
This backdoor may be downloaded from remote sites by other malware. It opens a hidden Internet Explorer window. It deletes itself after execution. Arrival Details This backdoor may be downloaded from
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It contains errors in its code. This stops it from performing its routines.
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TROJ_TDSS.WIN NOTES: It may connect to the following servers where it receives