BKDR_AGENT.QXI
October 09, 2012
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Backdoor
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
TECHNICAL DETAILS
File Size: 196,735 bytes
File Type: EXE
Memory Resident: Yes
Initial Samples Received Date: 24 Jun 2011
Backdoor Routine
This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
Other Details
This backdoor connects to the following possibly malicious URL:
- http://{BLOCKED}b.{BLOCKED}ne.net
- http://{BLOCKED}0.{BLOCKED}3.245.113