Search
Keyword: bkdr_swami.tib
This backdoor performs HTTP GET requests to certain servers to download malicious files. It acts as a proxy server to intercept requests of Internet browsers and points them to the proxy server on
This backdoor may be dropped by other malware. It connects to a website to send and receive information. Arrival Details This backdoor may be dropped by the following malware: TROJ_PIDIEF.DRP
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This description is based is a compiled analysis of several variants of BKDR_DARKMOON. Note that specific data such as file names and registry values may vary for each variant. This backdoor arrives
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It logs a user's keystrokes to steal information. It
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This malware arrives as an executable file infected by a file infector malware detected as PE_SALITY.AC. This consequently executes both payloads of BKDR_RILER.SVR and PE_SALITY.AC on the affected
This backdoor does not have any propagation routine. This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This description is based on a compiled analysis of several variants of BKDR_POISON. Note that specific data such as file names and registry values may vary for each variant. This backdoor arrives as
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the downloaded files. As a result,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This description is based is a compiled analysis of several variants of BKDR_ZACCESS. Note that specific data such as file names and registry values may vary for each variant. This backdoor arrives
NFLOG variants are capable of executing commands from remote malicious users. Remote malicious users can compromise the affected machine by executing the following commands: Download files Perform
It may connect to certain servers where it receives tasks from a remote malicious user. To hide its component files, it writes certain files at the end of the hard disk. This backdoor arrives on a
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
It opens a random port and waits for commands from a malicious attacker. Once a connection is established, it may perform several actions. This backdoor may be downloaded by other
This backdoor is related to the Sykipot campaign that targets the United States civil aviation sector. To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It logs a user's keystrokes to steal information. It
This malware connects to a blogging service to receive and perform commands from remote malicious users. Due to this, it is able to perform actions on the affected system without user authorization,