Home / malwarePDF  

Backdoor.Zoxepong


First posted on 21 November 2014.
Source: Symantec

Aliases :

There are no other names known for Backdoor.Zoxepong.

Explanation :

When the Trojan is executed, it connects to the following remote location:[http://][COMMAND-AND-CONTROL SERVER]/img[REMOVED]
The Trojan may then perform the following actions:Open a back doorCreate foldersMove and delete filesDownload and upload filesExecute remote commandsEnumerate files and drivesEnd processes

Last update 21 November 2014

 

TOP