Troj/Bckdr-QOE is a backdoor Trojan for the Windows platform.
The Trojan arrives as a self-extracting archive which when run drops the following files:
<windows>\system32\winnt\system.exe
<windows>\system32\winnt\3proxy.cfg
<windows>\system32\winnt\cssrs.exe
<windows>\system32\winnt\start.exe
<windows>\system32\winnt\alg.exe
<windows>\system32\winnt\register.reg
<windows>\system32\winnt\pic.url
alg.exe is then launched which updates the registry with the contents of the register.reg file (this adds an SSH host key), starts the proxy (cssrs.exe) and establishes an SSH tunel using system.exe.
pic.url is a link to a website which currently contains an advertisement for a vehicle