Search
Keyword: bkdr_hupigon.cfm
This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It bears the file icons of certain applications to avoid easy detection and consequent removal. It opens a
This backdoor queries the default web browser by accessing a registry entry. It then launches a hidden Web browser process (e.g. iexplore.exe) where this malware injects its code for its backdoor
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It joins an Internet Relay Chat (IRC) channel. It
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It listens on ports. It may also connect to Internet
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be dropped by the
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is injected into all running processes to remain
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be injected into processes running in memory.
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TROJ_MDROP.GVJ Installation This backdoor drops the following files: %System%
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It deletes the initially executed copy of itself.
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It deletes the initially executed copy of itself.
Both malware are related to the modified Enfal variants, which were reported to have infected 874 systems in 33 countries. To get a one-glance comprehensive view of the behavior of this Backdoor,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It gathers certain information on the affected computer. Arrival Details This
This backdoor may be downloaded by other malware/grayware from remote sites. It does not have any propagation routine. It executes commands from a remote malicious user, effectively compromising the
This backdoor executes commands from a remote malicious user, effectively compromising the affected system. Arrival Details This backdoor may be downloaded from the following remote sites:
This backdoor may be dropped by other malware. It connects to a website to send and receive information. Arrival Details This backdoor may be dropped by other malware. Backdoor Routine This backdoor
This malware is a remote access tool (RAT) known as PlugX. It is one of the most common malware used in carrying out targeted attacks. The targeted attacks it has been involved in are mostly directed