Trojan:Win32/Chopper.A
First posted on 12 April 2016.
Source: Microsoft
Aliases :
There are no other names known for Trojan:Win32/Chopper.A.
Explanation :
This threat is normally packed with the Ultimate Packer for Executables (UPX). UPX is a free and open source executable packer supporting a number of file formats from different operating systems, according to its Wikipedia description.
This detection covers the China Chopper controller, a backdoor malware with the following components:
- Web shell command-and-control (CnC) client binary
- Text-based Web shell payload (server component)
This backdoor can:
- Manage files (create, delete, and copy files)
- Run SQL queries
- Provide remote shell access so the attacker can run any command
Payload
Allows backdoor access and control
This threat is typically used to remotely control web shells installed on a victim's server.
It can give a malicious hacker access to and control of your PC. They can then perform a number of different actions, such as:
- Deleting files
- Downloading and running files
- Logging your keystrokes or stealing your sensitive data
- Modifying your system settings
- Running or stopping applications
- Spreading malware to other PCs
- Uploading files
This malware description was produced and published using the analysis of file SHA1 056a60ec1f6a8959bfc43254d97527b003ae5edb.
Related information
- Breaking Down the China Chopper Web Shell - Part I
- Breaking Down the China Chopper Web Shell - Part II
- China Chopper Webshell - the 4KB that Owns your Web Server
Last update 12 April 2016