|Detected||Sep 12 2007 10:24 GMT|
|Released||Sep 12 2007 10:24 GMT|
|Published||Jul 15 2008 08:24 GMT|
This Trojan provides a remote malicious user with access to the victim machine. It is a PHP script. It is 229051 bytes in size.
This backdoor can be installed on a web server by a remote malicious user by uploading it via FTP, using the administrator's log-in details which have already been stolen. It can also be used to exploit a range of web site vulnerabilities which make it possible to upload a random file to the directory which contains the site scripts. Once this has been done, a hidden page appears on the site. Opening this page makes it possible for the malicious user to launch the backdoor and make use of its malicious functionality.
This backdoor is designed to provide remote, unauthorised administration of web servers. When the backdoor is launched, the malicious user is shown the backdoor interface:
The backdoor is able to conduct the following actions on the remote server:
hiding the address of the remote malicious user.
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Backdoors are designed to give malicious users remote control over an infected computer. In terms of functionality, Backdoors are similar to many administration systems designed and distributed by software developers.
These types of malicious programs make it possible to do anything the author wants on the infected computer: send and receive files, launch files or delete them, display messages, delete data, reboot the computer, etc.
The programs in this category are often used in order to unite a group of victim computers and form a botnet or zombie network. This gives malicious users centralized control over an army of infected computers which can then be used for criminal purposes.
There is also a group of Backdoors which are capable of spreading via networks and infecting other computers as Net-Worms do. The difference is that such Backdoors do not spread automatically (as Net-Worms do), but only upon a special “command” from the malicious user that controls them.