Troj/FakeAV-BAQ is a Trojan for the Windows platform.
Troj/FakeAV-BAQ includes functionality to:
- run automatically
- create batch scripts
- access the internet and communicate with a remote server via HTTP
Troj/FakeAV-BAQ communicates via HTTP with the following locations:
93 . 186 . 127 . 92
When Troj/FakeAV-BAQ is installed the following files are created:
<User>\Application Data\82880026\82880026.exe - copy of self
<Desktop>\Security Tool.lnk
<Start Menu\Programs>\Security Tool.lnk
Registry entries are created under:
HKLM\SOFTWARE\82880026
HKLM\SOFTWARE