Home / malwarePDF  

Trojan.Bitterbug


First posted on 08 August 2014.
Source: Symantec

Aliases :

There are no other names known for Trojan.Bitterbug.

Explanation :

When the Trojan is executed, it creates the following files:
%UserProfile%\Application Data\execute.exe%UserProfile%\Application Data\pathfile.txt%UserProfile%\Application Data\tempfile.txt%UserProfile%\Application Data\version.txt
The Trojan opens a back door on the compromised computer, and connects to the following location:
[http://]199.91.173.43/fetch_updat[REMOVED]

The Trojan may perform the following actions:
Download and execute remote filesUpload data files from the compromised computer to a remote server

Last update 08 August 2014

 

TOP