Backdoor:Win32/Farfli.AV
First posted on 25 June 2013.
Source: Microsoft
Aliases:
There are no other names known for Backdoor:Win32/Farfli.AV.
Explanation:
Installation
The trojan adds itself to the Start Menu Startup folder so that it loads each time Windows starts. It copies itself as <start menu>\Programs\Startup\killmdx.
Payload
Connects to a remote server
Backdoor:Win32/Farfli.AV tries to connect to a remote server to receive commands.
We have seen it contact hackxiaoben.3322.org.
Allows backdoor access and control
This trojan gives an attacker access and control of your computer, including, but not limited to, the following actions:
- Downloading and running files, including malware
- Uploading files
- Spreading to other computers
- Logging keystrokes or stealing sensitive information
- Modifying system settings
- Running or stopping applications
- Deleting files
Analysis by Daniel Radu
Last update 25 June 2013