Analysis by: Augusto II Remillano
 ALIASES:

PHP:BackDoor-DE [Trj] (Avast), Backdoor:PHP/SimpleShell.A (Microsoft)

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 SYSTEM IMPACT RATING:

  • Threat Type: Backdoor

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be hosted on a website and run when a user accesses the said website.

  TECHNICAL DETAILS

Tipo de compactação: 1,561 bytes
Tipo de arquivo: GIF
Residente na memória: Yes
Data de recebimento das amostras iniciais: 08 Nov 2018

Arrival Details

This Backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It may be hosted on a website and run when a user accesses the said website.

Other Details

This Backdoor requires being hosted on a web server in order to proceed with its intended routine.