Search
Keyword: bkdr_bn.311.eds
This worm poses as a font file and uses the LNK vulnerability to propagate. There has also been an increase in customer infection because of this malware. To get a one-glance comprehensive view of
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor may arrive bundled with malware packages as a malware component. It exports functions used by other malware. It deletes the initially executed copy of itself. Arrival Details This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It connects
This backdoor spoofs Trend Micro and <i>Skype</i> by using URLs purportedly related to the said brand names. When executed, BKDR_FARFLI.XLS connects to malicious URLs to send sensitive
This backdoor disguises as a revolutionary document in order to lure Syrian activists into downloading and executing the malware. To get a one-glance comprehensive view of the behavior of this
This backdoor may be dropped by other malware. It opens a hidden Internet Explorer window. It executes commands from a remote malicious user, effectively compromising the affected system. It deletes
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It connects to a website to send and receive
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. However, as of this writing, the said sites are
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself.
This backdoor may be downloaded by other malware/grayware from remote sites. It executes then deletes itself afterward. It connects to a website to send and receive information. Arrival Details This
This backdoor deletes its dropper component after the DLL is installed as service. Its service name is randomly selected, based on the result of a certain registry query. Before continuing to
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It executes the dropped file(s). As a result, malicious routines of the
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. Arrival Details This backdoor may be downloaded by other
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This backdoor attempts to connect to certain servers saved in the registry. Once connected, it gathers information from the affected system by executing commands in CMD. The results are saved in the
This backdoor may be downloaded by other malware/grayware/spyware from remote sites. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
This backdoor may be dropped by other malware. It connects to a website to send and receive information. It logs a user's keystrokes to steal information. Arrival Details This backdoor may be dropped
This backdoor may be dropped by other malware. It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes