SecurityHome.eu Backdoor:Win32/Qakbot!lnk

Home / malware PDF

Backdoor:Win32/Qakbot!lnk

First posted on 05 March 2013.
Source: Microsoft
Aliases :
Backdoor:Win32/Qakbot!lnk is also known as Exploit.Win32.CVE-2010-2568.gen (Kaspersky), CVE_2010_2568.A (Norman), EXP/CVE-2010-2568.U (Avira), Exploit.CVE-2010-2568.Gen (BitDefender), Exploit.CplLnk (Dr.Web), LNK/Exploit.CVE-2010-2568 trojan (ESET), Backdoor.Win32.Qakbot (Ikarus), LNK_QAKBOT.SM (Trend Micro).
Explanation :

Backdoor:Win32/Qakbot!lnk is a malicious shortcut file placed in network shares. The file has a randomly-generated name. If you access the network share from a computer that is vulnerable to the issue described in MS10-046, your computer may become infected with TrojanDropper:Win32/Qakbot.A, which, in turn, also infects your computer with Backdoor:Win32/Qakbot.P.

Analysis by Stefan Sellmer

Last update 05 March 2013

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20