Analysis by: Jed Valderama

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003


  • Threat Type: Backdoor

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It executes commands from a remote malicious user, effectively compromising the affected system.

It requires its main component to successfully perform its intended routine.

  TECHNICAL DETAILS

Memory Resident: No
Initial Samples Received Date: 24 Aug 2012

Arrival Details

This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Backdoor Routine

This backdoor executes the following commands from a remote malicious user:

  • Connect to a URL or website passed on to it as a parameter by its main component
  • Download other possibly malicious files
  • Execute the downloaded file
  • Collect system information and send it to the supplied URL

Other Details

This backdoor requires its main component to successfully perform its intended routine.