BKDR_HUPIGON.MER
Overview

Malware type: Backdoor

Aliases: Backdoor.Win32.Hupigon.ugc (Kaspersky), Downloader (Symantec), TR/Dldr.Small.Dig.1 (Avira), Troj/Hupigon-TB (Sophos)

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: High

Distribution potential: Low

Description: 

For a one-glance view of this malware's behavior, refer to the Behavior Diagram shown below.

BKDR_HUPIGON.MER

Malware Overview

This backdoor is dropped by other malware. It can also be downloaded unknowingly by a user when visiting malicious Web sites.

Upon execution, it opens a certain Web site to hide its execution routines. Once opened, the Web site shows the following content:

Blood Pressure Guide screenshot

This backdoor uses TCP port 80 to connect to a certain server and listens for commands from a remote malicious user. This routine gives the remote user virtual control over the affected system, thus compromising system security.


Description created: Dec. 22, 2007 12:37:32 AM GMT -0800
