Search
Keyword: trojan backdoor
This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes then deletes itself afterward. It executes
by users when visiting malicious sites. Backdoor Routine However, as of this writing, the said sites are inaccessible. Dropping Routine This Trojan drops the following files: %User Temp%\svchost.exe -
SWISYN is a Trojan family first spotted around 2009. It is known primarily as a malware that drops other malware and executes them on the system it affects. This causes the affected system to display
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It disables Task Manager, Registry Editor, and Folder
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It executes
connection from a remote host. Backdoor commands are passed as parameters to HTTP requests. PHP/Shellbot.6603 (AntiVir); Trojan Horse PERL/ShellBot.B (AVG); Backdoor.PHP.ALZ (Ikarus)
accesses the said website. However, as of this writing, the said sites are inaccessible. Arrival Details This Trojan may be hosted on a website and run when a user accesses the said website. Backdoor Routine
or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website. Backdoor Routine This Trojan executes the
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This Trojan arrives on a system as a
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\ Windows\CURRENTVERSION\Run {random} = rundll32.exe "%Windows%\{random}.dll",Startup Backdoor Routine This Trojan opens a random port to allow a remote user to connect to the
following processes: svchost.exe Backdoor Routine This Trojan connects to the following websites to send and receive information: http://{BLOCKED}.{BLOCKED}.252.245 As of this writing, the said sites are
Backdoor Routine This Trojan connects to the following websites to send and receive information: http://{BLOCKED}a.co.cc/ http://{BLOCKED}a.co.cc/ Compromises system security
{Malware File Name without Extension} imagepath = {Malware Path and File Name} Backdoor Routine This Trojan opens a random port to allow a remote user to connect to the affected system. Once a successful
unknowingly by users when visiting malicious sites. Backdoor Routine This Trojan executes the following commands from a remote malicious user: Arbitrary code execution It connects to the following websites to
Trojan Spy injects codes into the following process(es): svchost.exe spoolsv.exe Backdoor Routine This Trojan Spy connects to the following websites to send and receive information: {BLOCKED}.{BLOCKED
of this writing, the decrypted code is a backdoor as BACKDOOR.WIN32.QUSARRAT.B This Trojan checks if the file is executed using svchost . N/A Downloaded from the Internet
REMOSH is known as part of the Night Dragon attack in 2011. It targets mostly networks that belong to energy companies. It is a backdoor-hacking tool combination. The hacking tool acts as a Trojan
REMOSH is known as part of the Night Dragon attack in 2011. It targets mostly networks that belong to energy companies. It is a backdoor-hacking tool combination. The hacking tool acts as a Trojan