Backdoor:Win32/Zegost.B


First posted on 27 July 2010.
Source: SecurityHome

Aliases :

Backdoor:Win32/Zegost.B is also known as W32/BackdoorX.DYQT (Authentium (Command)), BackDoor.Agent.AHGH (AVG), BDS/Agent.avvc.1 (Avira), Win32/Redosdru.CP (ESET), Trojan-PWS.Win32.Bjlog (Ikarus), Backdoor.Win32.Agent.avvc (Kaspersky), Mal/Zegost-E (Sophos).

Explanation :

Backdoor:Win32/Zegost.B is the detection for malware that remote attackers may use to gain access to the computer on which it is installed.

Installation :

Once installed, it attaches its code to the following legitimate Windows process:

  • svchost.exe

Payload :

Allows backdoor access and control

Backdoor:Win32/Zegost.B connects to the following remote server to send and receive data via HTTP transactions:

  • xx0518.3322.org

From this server, it may receive commands such as the following:

  • Copying, executing, downloading, and deleting files
  • Gathering information from the RAS phonebook
  • Capturing screenshots

Analysis by Marianne Mallen

Last update 27 July 2010

     
