Home / malware Backdoor.Remexi.B
First posted on 10 November 2015.
Source: SymantecAliases :
There are no other names known for Backdoor.Remexi.B.
Explanation :
The Trojan can be installed by the user or by other malware.
Once executed, the Trojan creates the following files:
%System%\mas.dll
%Temp%\WIN[RANDOM FILE NAME].tmp
Next, it creates the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SEA
The Trojan then opens a back door on the compromised computer and connects to the following remote location:
87.117.204.143
The Trojan may then perform malicious activities on the compromised computer.Last update 10 November 2015