|
Description:
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Malware Overview
This backdoor may be dropped by malware detected by Trend Micro as TROJ_FAKECLEAN.A.
It drops files/components. It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries.
It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 24, 2008 4:50:22 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
