BKDR_BLBINDI.NTB
Publish Date: 24 February 2015
Backdoor:MSIL/Bladabindi.G (Microsoft); UDS:DangerousObject.Multi.Generic (Kaspersky); Win32:Malware-gen (Avast)
PLATFORM:
Windows
Threat Type:
Backdoor
Destructiveness:
No
Encrypted:
In the wild:
Yes
TECHNICAL DETAILS
File size: 875,520 bytes
File type: EXE
INITIAL SAMPLES RECEIVED DATE: 11 February 2015
Other System Modifications
Adds the following registry entries:
HKEY_CURRENT_USER
di = "!"
HKEY_CURRENT_USER\Environment
SEE_MASK_NOZONECHECKS = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
{full path and file name of malware} = "{full path and file name of malware}:*:Enabled:{file name of malware}"