Keyword: bkdr_bn.311.eds
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. Arrival Details This backdoor may be downloaded by other
When executed, it connects to servers to receive commands from the remote user. It also attempts to hide its component files by writing specific files at the end of the infected system's hard disk.
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the
This backdoor may arrive bundled with malware packages as a malware component. It may be dropped by other malware. It requires its main component to successfully perform its intended routine. Arrival
This backdoor may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It sends the information it gathers to remote sites. Arrival Details This
It drops a copy of itself. It also drops a .SYS file detected as BKDR_TDSS.OW. It creates files in the last sector of the disk. This Trojan may be dropped by other malware. It may be unknowingly
This Trojan has received attention from independent media sources and/or other security firms. In particular, it takes advantage of the Epsilon data-breach incident that was reported in the media. To
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It opens random ports. It executes
It is a command line application that is used by other malware to connect to a remote IP address and open a port. As a result, a malicious user can connect to the affected system and execute
This backdoor may be dropped by TROJ_MDROP.EV. It executes commands from a remote malicious user to delete, download, execute or upload files, get system information and kill processes. It connects
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be downloaded by other malware/grayware/spyware from remote sites. It may be
Other Details Based on analysis of the code, it has the following capabilities: Exhibits behavior that Trend Micro detects for configuration files that are used by the BKDR_QAKBOT malware family.
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
This backdoor may be dropped by other malware. It executes then deletes itself afterward. It opens random ports. Arrival Details This backdoor may be dropped by the following malware: TROJ_PDFKA.IO
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. Arrival Details This backdoor may be downloaded by other
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below. This backdoor may be dropped by other malware. Arrival Details This backdoor may be
This backdoor drops copies of itself into the affected system. Installation This backdoor drops the following copies of itself into the affected system: %Windows%\dbramsy.exe (Note: %Windows% is
This Trojan takes advantage of a zero-day exploit in Adobe Flash Player. Several versions of Adobe Flash Player and Adobe Reader and Acrobat are affected, increasing the chances of malware infection
Trend Micro has flagged this malware as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, taking advantage of a zero-day vulnerability in