BKDR_QAKBOT.SME2
June 03, 2013
PLATFORM:
Windows 2000, XP, Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
SYSTEM IMPACT RATING:
Threat Type: Backdoor
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
This backdoor deletes itself after execution.
TECHNICAL DETAILS
File Size: Varies
File Type: PE
Memory Resident: No
Initial Samples Received Date: 23 Nov 2010
Installation
This backdoor drops the following files:
- %System Root%\Documents and Settings\All Users\Documents\Server\admin.txt
- %System Root%\Documents and Settings\All Users\Documents\Server\hlp.dat
(Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.)
It creates the following folders:
- %System Root%\All Users\Documents\Server
(Note: %System Root% is the root folder, which is usually C:\. It is also where the operating system is located.)
Other Details
This backdoor deletes itself after execution.