
Backdoor.Duuzer


First posted on 22 August 2015.
Source: Symantec

Aliases:

There are no other names known for Backdoor.Duuzer.

Explanation:

The Trojan may arrive on the compromised computer after being downloaded by other threats.

When the Trojan is executed, it opens a back door on the compromised computer and connects to one of the following locations:
- 197.211.212.59:443
- 200.58.79.153:443
- 213.190.192.209:443

The Trojan may steal the following information and send it to the remote attacker:
- Computer name
- Username
- Operating system
- Threat location

The Trojan may perform the following actions on the compromised computer:
- Execute commands, pipe the results to a file, and send the contents to the remote attacker
- Start an interactive command shell
- Rename files
- Change file times
- Overwrite files
- Delete files
- Download files
- Upload files
- Obtain file lists from directories
- List processes
- Terminate processes
- Create processes
- Obtain information on available drives

Last update 22 August 2015

 
