|
Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview
This backdoor may be dropped by TROJ_MCWORDP.A.
It drops various files onto the affected system, including files also detected as BKDR_AGENT.VBI. It also modifies the Windows registry so that it runs at every system startup.
It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Dec. 12, 2008 6:25:50 PM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
