Home / malwarePDF  


First posted on 20 July 2019.
Source: Microsoft

Aliases :

Backdoor:Win32/Tofsee.I is also known as Win-Trojan/Agent2.31744, Trojan.Win32.Agent2.gik, W32/Smalltroj.LNZX, TrojanDropper:Win32/Tofsee.gen!A.

Explanation :

Backdoor:Win32/Tofsee.I is a component of Win32/Tofsee - a multi-component family of backdoor trojans that act as a spam and traffic relay. This component is used to load the main component, detected as Backdoor:Win32/Tofsee.F.  Backdoor:Win32/Tofsee.F functions as an HTTP proxy, using its backdoor functionality to receive commands that may order it to generate and send e-mail.  For more information, please see the Backdoor:Win32/Tofsee.F description elsewhere in our encylopedia.  Analysis by Jireh Sanico

Last update 20 July 2019