Search
Keyword: bkdr_bn.311.eds
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes a remote command prompt. Arrival Details
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be dropped by other malware. It executes
This backdoor may be dropped by other malware. Arrival Details This backdoor may be dropped by the following malware: TSPY_INJECTO.KRS Installation This backdoor drops and executes the following
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It executes the downloaded files. As a result,
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It executes commands from a remote malicious user, effectively compromising the affected
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
When executed, this backdoor drops a .DLL file onto the Windows system folder, and then injects it to a certain system process. It also creates a registry key in order to execute the said .DLL.
This backdoor deletes itself after execution. Installation This backdoor drops the following component file(s): %System%\spool\prtprocs\w32x86\{Random File Name}.dll - also detected as BKDR_TDSS.SMD
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. Arrival Details This backdoor may be downloaded by other
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
Other Details Based on analysis of the codes, it has the following capabilities: Exhibits behavior that Trend Micro detects for configuration files that are used by BKDR_QAKBOT malware family.
This Trojan takes advantage of a zero-day exploit in Adobe Flash Player. Several versions of Adobe Flash Player and Adobe Reader and Acrobat are affected, increasing the chances of malware infection
This Trojan has received attention from independent media sources and/or other security firms. In particular, it takes advantage of the Epsilon data-breach incident that was reported in the media. To
It is a command line application that is used by other malware to connect to a remote IP address and open a port. As a result, a malicious user can connect to the affected system and execute
This backdoor may be dropped by TROJ_MDROP.EV. It executes commands from a remote malicious user to delete, download, execute or upload files, get system information and kill processes. It connects
This backdoor may be dropped by other malware. It executes then deletes itself afterward. It opens random ports. Arrival Details This backdoor may be dropped by the following malware: TROJ_PDFKA.IO
This backdoor may arrive bundled with malware packages as a malware component. It may be dropped by other malware. It requires its main component to successfully perform its intended routine. Arrival
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the
This Trojan arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It may be downloaded by other malware/grayware/spyware from remote sites. It may be