Home / malwarePDF  


First posted on 08 May 2020.
Source: Microsoft

Aliases :

There are no other names known for Backdoor:Win32/Heloag.A.

Explanation :

Backdoor:Win32/Heloag.A is a trojan that allows unauthorized access and control of an affected  computer. It connects to a remote host for instructions.Payload Allows backdoor access and control When executed, Backdoor:Win32/Heloag.A connects to a remote server and waits for instructions.  In the wild, Backdoor:Win32/Heloag.A has been observed connecting to IP on port 9090 for this purpose.   Using this backdoor, a remote attacker can instruct an affected machine to: Download a file to the %temp% directory and execute it Start/stop TCP/UDP/HTTP Denial of Service attack against a specified host.   Analysis by Chun Feng

Last update 08 May 2020