BKDR_AGENT.XZMS
Overview

Malware type: Backdoor

Aliases: Backdoor.Win32.Agent.adxk (Kaspersky)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: High

Distribution potential: Low

Description: 

For a one-glance view of this malware's behavior, refer to the Behavior Diagram shown below.

BKDR_AGENT.XZMS Behavior Diagram

Malware Overview

This backdoor may be downloaded by HTML_DLOADER.AS.

It drops a component file, which is also detected as BKDR_AGENT.XZMS. It makes changes to the Windows registry, some of which allow its automatic execution at every system startup.

It creates a hidden Internet Explorer window, which connects to the following Web site to listen for remote commands from a malicious user.

It creates a mutex to ensure that only one instance of itself is running in memory. It deletes itself after execution.

For additional information about this threat, see:
Solution
Technical Details

Description created: Feb. 17, 2009 2:34:48 AM GMT -0800
