Search
Keyword: bkdr_bifrose.dli
This Trojan installs a service that monitors incoming packets, which allows execution of backdoor commands from BKDR_HIKIT.A on infected systems. This Trojan may be dropped by other malware. Arrival
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
This is the Trend Micro detection for damaged samples of BKDR_ZACCESS variants. These samples have coding errors that prevent them from properly executing their routines. This backdoor arrives on a
This backdoor is capable of executing the several commands. This backdoor may be dropped by other malware. It connects to a website to send and receive information. Arrival Details This backdoor may
However, as of this writing, the said sites are inaccessible. It deletes itself after execution. Installation This backdoor drops the following files: %Program Files%\Common Files\System\admin.obj -
Upon execution, this backdoor opens the dropped non-malicious .DOC file to trick the users into thinking that it is a harmless Microsoft Word document while it executes in the background. This
This Trojan may be downloaded by other malware/grayware from remote sites. It saves downloaded files into the said created folder. Arrival Details This Trojan may be downloaded by the following
The malware dropper, detected as BKDR_REMOSH.SML is responsible for assigning what service name the malware will use by querying certain registry entry to enumerate network related services. This
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This backdoor arrives on a system as a
Trend Micro has flagged this backdoor as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, it is circulating and building armies (drones)
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It runs
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any propagation routine. It runs
This backdoor may be dropped by other malware. It executes commands from a remote malicious user, effectively compromising the affected system. It connects to a website to send and receive
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It opens a random port to allow a remote user to
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It is injected into all running processes to remain
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It arrives as a component bundled with
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from a remote malicious user,
This backdoor arrives as an attachment to email messages spammed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded