Home / malware Trojan.Bitterbug
First posted on 08 August 2014.
Source: SymantecAliases :
There are no other names known for Trojan.Bitterbug.
Explanation :
When the Trojan is executed, it creates the following files:
%UserProfile%\Application Data\execute.exe%UserProfile%\Application Data\pathfile.txt%UserProfile%\Application Data\tempfile.txt%UserProfile%\Application Data\version.txt
The Trojan opens a back door on the compromised computer, and connects to the following location:
[http://]199.91.173.43/fetch_updat[REMOVED]
The Trojan may perform the following actions:
Download and execute remote filesUpload data files from the compromised computer to a remote serverLast update 08 August 2014