Keyword: bkdr_hupigon.cfm
This backdoor is noteworthy as it poses as an installer of Facebook Messenger. To get a one-glance comprehensive view of the behavior of this backdoor, refer to the Threat Diagram shown below. This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
Other Details This backdoor connects to the following possibly malicious URL: http://{BLOCKED}.{BLOCKED}.184.42/AES{random}.jsp?{random}
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor connects to a website to send and receive information. However, as of this writing, the said sites are inaccessible. Backdoor Routine This backdoor connects to the following websites to
This backdoor is a command line tool which is capable of redirecting network traffic from a port to another port. This backdoor may arrive bundled with malware packages as a malware component. It may
This backdoor has received attention from independent media sources and/or other security firms. Specifically, it is the dropped file of TROJ_MSPOSER.ASM, a Trojan that takes advantage of the Epsilon
This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It sends the information it gathers to remote sites. Arrival Details This
Other Details This backdoor does the following: This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TROJ_DROPPR.KEN Installation This backdoor is injected into the following
This backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This backdoor opens random ports. Installation This backdoor drops the following copies of itself into the affected system and executes them: %Program Files%\Common Files\System\DBOT.exe (Note:
This backdoor may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It may be unknowingly downloaded by a user while visiting malicious websites. It
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
It opens a hidden Internet Explorer window to connect to websites to send and receive information. This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting
This backdoor may be dropped by other malware. It arrives as a component bundled with malware/grayware packages. It opens a random port to allow a remote user to connect to the affected system. Once
This backdoor may arrive bundled with malware packages as a malware component. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with