Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

BACKDOOR.BRIEWOTS.A

 

 

 

Name:

Backdoor.Briewots.a

Added:

October 7, 2011

Type:

Backdoor

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Backdoor.Briewots.a is executed, it performs the following activities:

After execution, it drops the following files:

%CommonDocuments%\My Pics\PulgFile.log
%CommonDocuments%\My Pics\{Random Name}.tmp
%Temp%\{Random Name}.exe

It creates/modifies the below registry entries:

{Random Name}.exe= "%Temp%\{Random Name}.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Default_Page_URL = "http://132.7[xxx]31.info"
HKU\Software\Microsoft\Internet Explorer\Main

Start Page = "http://132.7[xxx]31.info"
HKU\Software\Microsoft\Internet Explorer\Main

 

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4