Threat Encyclopedia

http://root.{BLOCKED}a.ru:3162

Publish date: November 04, 2013

ANALYSIS BY: Kenneth Guang Zheng Lee

URL BLOCKING DATE/TIME: 19 Oct 2013 12:00:00 AM GMT-8
RATING: HIGH
DOMAIN: root.s4media.ru
CATEGORY: Disease Vector
DESCRIPTION

BKDR_SHOTODOR.A connects to this URL to send and receive commands from a remote malicious user. This malware uses “garbage” strings that actually hide its malicious code, which is an obfuscated AutoIt script.
