Backdoor.Destover


First posted on 03 December 2014.
Source: Symantec

Aliases:

There are no other names known for Backdoor.Destover.

Explanation:

When the Trojan is executed, it creates the following file:

- %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\[THREAT FILE NAME]

The Trojan then connects to the following IP addresses and ports:

- 203.131.222.102 on TCP port 443
- 208.105.226.235 on TCP port 443

The Trojan may then perform the following actions:

- Delete files
- Change files' time stamps
- Execute commands through cmd.exe
- Create processes
- List running processes
- End processes
- Gather system information

Last update 03 December 2014
