Troj/Bckdr-RDT

Category: Viruses and Spyware Protection available since:02 Sep 2010 23:29:57 (GMT)
Type: Trojan Last Updated:02 Sep 2010 23:29:57 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Bckdr-RDT include:

Example 1

File Information

Size
89K
SHA-1
96a72e39cae2887b86a212d08e0de4ceead5b8fc
MD5
8c564e72fe61c097cf3c5e8621cd95fb
CRC-32
a104c0f9
File type
application/x-ms-dos-executable
First seen
2010-08-26

Other vendor detection

Avira
BDS/LolBot.ID
Kaspersky
Backdoor.Win32.LolBot.id

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\HEX-5823-6893-6818\jusched.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Java Update Manager
    c:\Documents and Settings\test user\Application Data\HEX-5823-6893-6818\jusched.exe
  • HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    c:\Documents and Settings\test user\Application Data\HEX-5823-6893-6818\jusched.exe
    c:\Documents and Settings\test user\Application Data\HEX-5823-6893-6818\jusched.exe:*:Enabled:Java Update Manager
Processes Created
  • c:\documents and settings\support\application data\hex-5823-6893-6818\jusched.exe
DNS Requests
  • msnsolution.nicaze.net

Example 2

File Information

File type
application/x-ms-dos-executable

Other vendor detection

Kaspersky
Backdoor.Win32.LolBot.qn

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy