BKDR_AGENT.QXI
October 09, 2012
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Backdoor
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
TECHNICAL DETAILS
File Size:
196,735 bytes
File Type:
EXE
Memory Resident:
Yes
Initial Samples Received Date:
24 Jun 2011
Backdoor Routine
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
Other Details
This backdoor connects to the following possibly malicious URL:
- http://{BLOCKED}b.{BLOCKED}ne.net
- http://{BLOCKED}0.{BLOCKED}3.245.113