Downloaded from the Internet, Dropped by other malware
The HUPIGON malware family consists of backdoors. These are usually dropped by other malware onto a system or are downloaded unknowingly by users when visiting malicious sites. HUPIGON variants may drop several files or copies of themselves.
HUPIGON variants open ports or connect to servers to allow remote users to connect to the affected system. Once a successful connection is established, the remote user executes commands on the system, such as to delete files and folders, download and execute files, and terminate processes.
Variants may also gather information about the affected system. They can also steal information such as logged keystrokes, passwords, and other user credentials.
Connects to URLs/IPs
This backdoor drops the following files:
(Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, or C:\Windows\System32 on Windows XP and Server 2003.. %Windows% is the Windows folder, which is usually C:\Windows or C:\WINNT.)
It drops the following copies of itself into the affected system: