English 
Deutsch
Español
Français
Portuguese
Backdoor.Win32.Small.vy Backdoor.Win32.Small.vy
By
GoldSparrow in 
Loading ...
Backdoor.Win32.Small.vy Description
Backdoor.Win32.Small.vy is a malignant backdoor Trojan that can run in the background of a system without a user’s awareness. Backdoor.Win32.Small.vy makes it possible for remote attackers to access and control a victim’s computer system. Backdoor.Win32.Small.vy may download other malicious programs onto the infected system, further compromising the security of the computer system.
Type: Backdoors
Aliases: Trojan-Dropper.Win32.Small.VY (Ikarus), Mal/Behav-112 (Sophos), Trojan-Dropper.Win32.Small.vy (Kaspersky Lab), TROJ_MALM94.A (Trend Micro), TrojanDropper:Win32/Small (Microsoft).
How Can You Detect Backdoor.Win32.Small.vy?
Backdoor.Win32.Small.vy Technical Report
As new Backdoor.Win32.Small.vy details are reported by our customers and findings from our Threat Research Center, we will update this section.
Backdoor.Win32.Small.vy’s Country of Origin:
- Turkey
Backdoor.Win32.Small.vy has typically the following processes in memory:
- %System%\wincom.exe
- %System%\WORKGROUPS.{208D2C60-3AEA-1069-A2D7-08002B30309D}\messnger.exe
- %System%\WORKGROUPS.{208D2C60-3AEA-1069-A2D7-08002B30309D}\nreg.exe
- %System%\WORKGROUPS.{208D2C60-3AEA-1069-A2D7-08002B30309D}\SVCHOST.EXE
Backdoor.Win32.Small.vy creates the following registry entries:
- HKEY_CURRENT_USER\Software\NirSoft\MailPassView
- HKEY_CURRENT_USER\Software\NirSoft
- HKEY_LOCAL_MACHINE\SOFTWARE\CzKombo2.6
- HKEY_CURRENT_USER\Software\NirSoft\MessenPass
Important Article Disclaimer
This entry was posted on 11/5/09 and is filed under Backdoors.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
