Examples of Troj/Bckdr-RDP include:
Example 1
File Information
- Size
- 119K
- SHA-1
- 3011505c34ab7567ab9e49fad812893232b82000
- MD5
- 8096162defe8ce8c4368632018156374
- CRC-32
- 08f2b060
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-04
Other vendor detection
- Avira
- TR/Spy.110080.25
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Application Data\ohydy.exe
Registry Keys Created
- HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Taskman
- c:\Documents and Settings\test user\Application Data\ohydy.exe
DNS Requests
- ff.fifa2012terra.com
- ff.fjpark.com
Example 2
File Information
- Size
- 110K
- SHA-1
- c52ba447cebf528ef3425525e62a07257e4ebbb4
- MD5
- e317ff49bb77ba581e87afc8962c05ac
- CRC-32
- 92d58877
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-04
Other vendor detection
- Avira
- TR/Spy.112128.11
- Kaspersky
- Backdoor.Win32.IRCBot.qak
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Application Data\ltzqai.exe
Registry Keys Created
- HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Taskman
- c:\Documents and Settings\test user\Application Data\ltzqai.exe
DNS Requests
- ff.fifa2012terra.com
- ff.fjpark.com
Example 3
File Information
- Size
- 108K
- SHA-1
- da6c398a7cd9994624fe88294674cc9e6a802fd1
- MD5
- 1c61a770b89da955e664f1f352864bb8
- CRC-32
- 87bf98ac
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-03
Other vendor detection
- Avira
- TR/Spy.110080.25
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Application Data\ohydy.exe
Registry Keys Created
- HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Taskman
- c:\Documents and Settings\test user\Application Data\ohydy.exe
DNS Requests
- ff.fifa2012terra.com
- ff.fjpark.com