Backdoor:Win32/Kanav.C
First posted on 27 August 2012.
Source: Microsoft
Aliases :
Backdoor:Win32/Kanav.C is also known as Packed.Win32.Klone.bu (Kaspersky).
Explanation :
Backdoor:Win32/Kanav.C is a trojan that allows unauthorized access and control of an affected computer.

Installation

Backdoor:Win32/Kanav.C creates the following file on an affected computer:

- <system folder>\vmtoolsd.exe

Note: <system folder> refers to a variable location that is determined by the malware by querying the operating system. The default installation location for the System folder for Windows 2000 and NT is C:\Winnt\System32; and for XP, Vista, and 7 is C:\Windows\System32.

Payload

Allows backdoor access and control

Backdoor:Win32/Kanav.C allows unauthorized access and control of an affected computer. An attacker can perform any number of different actions on an affected computer using Backdoor:Win32/Kanav.C. This could include, but is not limited to, the following actions:

- Download and execute arbitrary files
- Upload files
- Spread to other computers using various methods of propagation
- Log keystrokes or steal sensitive data
- Modify system settings
- Run or terminate applications
- Delete files

This malware description was produced and published using our automated analysis system's examination of file SHA1 97d65bfa2db53b4ed822f36cc77fb4abfd6d135e.

Last update 27 August 2012