
Backdoor.Typideg


First posted on 05 July 2014.
Source: Symantec

Aliases :

There are no other names known for Backdoor.Typideg.

Explanation :

When the Trojan is executed, it may create the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"conime" = "[THREAT PATH]"

Note: [THREAT PATH] indicates that the path can be anywhere the threat is run from.

The Trojan opens a back door on the compromised computer, and connects to one of the following URLs:
[http://]98.188.111.244/home/inde[REMOVED]
[http://]wwap.publiclol.com/home/inde[REMOVED]
[http://]59.0.249.11/home/inde[REMOVED]
[http://]198.209.212.82/home/inde[REMOVED]

The Trojan may perform the following actions:
Download and execute remote files
Upload files from the compromised computer
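
The URL indicators listed above can be matched against web proxy logs. The following is an added example, not part of the Symantec write-up: the log layout, the sample lines and the function names are assumptions, and the "-TRUNCATED" path suffix is a constructed placeholder for the part the write-up removes.

```python
from urllib.parse import urlsplit

# Indicators copied from the write-up above. The URL paths are truncated there
# ("/home/inde[REMOVED]"), so only the visible prefix is matched.
C2_HOSTS = {"98.188.111.244", "wwap.publiclol.com", "59.0.249.11", "198.209.212.82"}
C2_PATH_PREFIX = "/home/inde"

def classify(url):
    """Return 'host+path', 'host-only' or None for one requested URL."""
    if "://" not in url:
        url = "http://" + url  # CONNECT targets and bare hosts carry no scheme
    try:
        parts = urlsplit(url)
        # Exact host comparison (case, port and trailing dot normalised), so a
        # look-alike such as "notwwap.publiclol.com.example.net" does not match.
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return None  # unparseable authority
    if host not in C2_HOSTS:
        return None
    return "host+path" if parts.path.startswith(C2_PATH_PREFIX) else "host-only"

def scan(lines):
    """Return (line_no, client, url, verdict) for each log line that hits."""
    hits = []
    for n, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines
        verdict = classify(fields[3])
        if verdict:
            hits.append((n, fields[1], fields[3], verdict))
    return hits

# Constructed sample log (assumed layout): timestamp client method url status
SAMPLE_LOG = """\
2014-07-05T10:00:01Z 10.0.0.21 GET http://example.org/home/inde-TRUNCATED 200
2014-07-05T10:00:07Z 10.0.0.34 POST http://WWAP.publiclol.com:80/home/inde-TRUNCATED?id=1 200
2014-07-05T10:01:12Z 10.0.0.34 GET http://98.188.111.244/favicon.ico 404
2014-07-05T10:02:40Z 10.0.0.50 GET http://notwwap.publiclol.com.example.net/home/inde 200
2014-07-05T10:03:02Z 10.0.0.34 CONNECT 59.0.249.11:443 200
""".splitlines()

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

A "host+path" hit matches both the listed host and the visible path prefix; a "host-only" hit still shows a client contacting a listed host and is worth correlating with the "conime" Run entry on that machine.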

Last update 05 July 2014

 
