Friday, February 24, 2012

Backdoor:Win32/Votwup.B


Encyclopedia entry
Updated: Apr 17, 2011  |  Published: Jan 27, 2011

Aliases
  • Trojan.Senkrad (Symantec)

Alert Level
Severe

Antimalware protection details
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.121.332.0
Released: Feb 24, 2012
Detection initially created:
Definition: 1.63.47.0
Released: Jul 22, 2009


 

Summary

Backdoor:Win32/Votwup.B allows unauthorized access and control of an affected computer.


 

Symptoms

System changes
The following system changes may indicate the presence of this malware:
  • The presence of the following files:
      • %windir%\system\dwm.exe
      • %windir%\temp\ddid



 

Technical Information (Analysis)

Backdoor:Win32/Votwup.B allows unauthorized access and control of an affected computer.

Installation

When executed, Backdoor:Win32/Votwup.B copies itself to %windir%\system\dwm.exe.

The malware creates the following files on an affected computer:

  • %windir%\temp\ddid

Payload

Allows backdoor access and control

Backdoor:Win32/Votwup.B allows unauthorized access and control of an affected computer. An attacker can perform any number of different actions on an affected computer using Backdoor:Win32/Votwup.B. This could include, but is not limited to, the following actions:

  • Download and execute arbitrary files
  • Upload files
  • Spread to other computers using various methods of propagation
  • Log keystrokes or steal sensitive data
  • Modify system settings
  • Run or terminate applications
  • Delete files

This malware description was produced and published using our automated analysis system's examination of file SHA1 a512216cab1b46d09534f193f141a936875b2f8e.
