SecurityHome.eu Backdoor.Emdivi

Home / malware PDF

Backdoor.Emdivi

First posted on 18 October 2014.
Source: Symantec
Aliases :
There are no other names known for Backdoor.Emdivi.
Explanation :
The Trojan may arrive through an email attachment.

When the Trojan is executed, it creates the following files: %Temp%\kptl.doc%Temp%\leassnp.exe
Next, the Trojan creates the following file so that it runs every time Windows starts: %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\leassnp.lnk
The Trojan may then perform the following actions: Connect to remote locationsOpen a back door
Last update 18 October 2014

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Backdoor.Typideg!gen1
Backdoor.Breut!gm
Backdoor:Solaris/Wanukdoor.A
Backdoor.Winnti!gen3
Backdoor.Korplug!gm
Backdoor.Gresim!gen1
Backdoor.Win32.Wisdoor.N
Backdoor:W32/PcClient.YW
Backdoor.Destover
Backdoor.Oldrea!gen1